From: Matt Birkholz <matt@birchwood-abbey.net>
Date: Tue, 17 Sep 2024 19:55:10 +0000 (-0600)
Subject: Add Samba to Core servers, with special shares for HomeAssistant.
X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=d8923f3a631673a217d3b67e0c42b22231d42469;p=Network

Add Samba to Core servers, with special shares for HomeAssistant.
---

diff --git a/README.org b/README.org
index 295b58d..00d5405 100644
--- a/README.org
+++ b/README.org
@@ -1508,6 +1508,78 @@ minutes and =cronjob-midnight= at midnight.
     user: monkey
 #+END_SRC
 
+** Install Samba
+
+The abbey core provides NAS (Network Attached Storage) service to the
+cloister network.  It also provides writable shares for a Home
+Assistant appliance (Raspberry Pi).
+
+- Install ~samba~.
+- Create system user ~hass~.
+- Create =/home/hass/{media,backup,share}/= with appropriate
+  permissions.
+
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
+#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
+
+- name: Install Samba.
+  become: yes
+  apt: pkg=samba
+
+- name: Add system user hass.
+  become: yes
+  user:
+    name: hass
+    system: yes
+
+- name: Add {{ ansible_user }} to hass group.
+  become: yes
+  user:
+    name: "{{ ansible_user }}"
+    append: yes
+    groups: hass
+
+- name: Configure shares.
+  become: yes
+  blockinfile:
+    block: |
+      [Shared]
+      path = /Shared
+      guest ok = yes
+      read only = yes
+
+      [HASS-backup]
+      comment = Home Assistant backup
+      path = /home/hass/backup
+      valid users = hass
+      read only = no
+
+      [HASS-media]
+      comment = Home Assistant media
+      path = /home/hass/media
+      valid users = hass
+      read only = yes
+
+      [HASS-share]
+      comment = Home Assistant share
+      path = /home/hass/share
+      valid users = hass
+      read only = no
+    dest: /etc/samba/smb.conf
+    marker: "# {mark} ABBEY MANAGED BLOCK"
+  notify: New shares.
+#+END_SRC
+
+#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]]
+#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml
+
+- name: New shares.
+  become: yes
+  systemd:
+    service: smbd
+    state: reloaded
+#+END_SRC
+
 
 * The Abbey Gate Role
 
diff --git a/roles_t/abbey-core/handlers/main.yml b/roles_t/abbey-core/handlers/main.yml
index 576d518..7db3b39 100644
--- a/roles_t/abbey-core/handlers/main.yml
+++ b/roles_t/abbey-core/handlers/main.yml
@@ -24,3 +24,9 @@
   systemd:
     service: munin
     state: restarted
+
+- name: New shares.
+  become: yes
+  systemd:
+    service: smbd
+    state: reloaded
diff --git a/roles_t/abbey-core/tasks/main.yml b/roles_t/abbey-core/tasks/main.yml
index ddd939e..8930b1a 100644
--- a/roles_t/abbey-core/tasks/main.yml
+++ b/roles_t/abbey-core/tasks/main.yml
@@ -311,3 +311,50 @@
 - name: Install netpbm.
   become: yes
   apt: pkg=netpbm
+
+- name: Install Samba.
+  become: yes
+  apt: pkg=samba
+
+- name: Add system user hass.
+  become: yes
+  user:
+    name: hass
+    system: yes
+
+- name: Add {{ ansible_user }} to hass group.
+  become: yes
+  user:
+    name: "{{ ansible_user }}"
+    append: yes
+    groups: hass
+
+- name: Configure shares.
+  become: yes
+  blockinfile:
+    block: |
+      [Shared]
+      path = /Shared
+      guest ok = yes
+      read only = yes
+
+      [HASS-backup]
+      comment = Home Assistant backup
+      path = /home/hass/backup
+      valid users = hass
+      read only = no
+
+      [HASS-media]
+      comment = Home Assistant media
+      path = /home/hass/media
+      valid users = hass
+      read only = yes
+
+      [HASS-share]
+      comment = Home Assistant share
+      path = /home/hass/share
+      valid users = hass
+      read only = no
+    dest: /etc/samba/smb.conf
+    marker: "# {mark} ABBEY MANAGED BLOCK"
+  notify: New shares.