tripleo-ansible/tripleo_ansible/roles/backup-and-restore/setup_nfs/tasks/main.yml

142 lines
4.0 KiB
YAML

---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# "backup-and-restore" will search for and load any operating system variable file
# found within the "vars/" path. If no OS files are found the task will skip.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- skip: true
files:
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_version'].split('.')[0] }}.yml"
- "{{ ansible_facts['os_family'] | lower }}.yml"
tags:
- always
- name: Install required packages for the NFS server
become: true
package:
name: "{{ tripleo_backup_and_restore_nfs_packages }}"
state: present
tags:
- bar_setup_nfs_server
- name: Allow NFS connections port 111.
become: true
iptables:
action: insert
rule_num: '1'
chain: INPUT
ctstate: NEW
protocol: tcp
destination_port: '111'
jump: ACCEPT
comment: Accept new NFS connections (111).
tags:
- bar_setup_nfs_server
- name: Allow NFS connections port 2049.
become: true
iptables:
action: insert
rule_num: '1'
chain: INPUT
ctstate: NEW
protocol: tcp
destination_port: '2049'
jump: ACCEPT
comment: Accept new NFS connections (2049).
tags:
- bar_setup_nfs_server
- name: Gather status of services running on the system
service_facts:
register: services_state
ignore_errors: true
tags:
- bar_setup_nfs_server
- name: Open ports in firewalld
become: true
block:
- name: Allow NFS port 111 in the firewall
ansible.posix.firewalld:
port: 111/tcp
permanent: true
immediate: true
state: enabled
zone: "{{ tripleo_backup_and_restore_firewalld_zone }}"
- name: Allow NFS port 2049 in the firewall
ansible.posix.firewalld:
port: 2049/tcp
permanent: true
immediate: true
state: enabled
zone: "{{ tripleo_backup_and_restore_firewalld_zone }}"
when: >
services_state is defined and
services_state.ansible_facts.services['firewalld.service'] is defined and
services_state.ansible_facts.services['firewalld.service'].state == "running"
tags:
- bar_setup_nfs_server
- name: Enable the NFS service in the NFS server
become: true
systemd:
name: nfs-server
enabled: true
tags:
- bar_setup_nfs_server
- name: Create backup folder in the NFS server
become: true
file:
path: "{{ tripleo_backup_and_restore_nfs_storage_folder }}"
state: directory
mode: '0777'
tags:
- bar_setup_nfs_server
- name: Get the lines
set_fact:
bar_exportfs_lines: "{% for net in tripleo_backup_and_restore_nfs_clients_nets %}\
{{ tripleo_backup_and_restore_nfs_storage_folder }} {{ net }}(rw,sync,no_root_squash,no_subtree_check)\n{% endfor %}"
tags:
- bar_setup_nfs_server
- name: NFS
blockinfile:
path: /etc/exports
block: "{{ bar_exportfs_lines }}"
backup: true
tags:
- bar_setup_nfs_server
- name: Reload the NFS service
become: true
systemd:
name: nfs-server
state: reloaded
tags:
- bar_setup_nfs_server