nodes/home.nas: add users to "nas" group, add cronjobs to ensure permissions on nas dataset
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
9e2cb92766
commit
84d1984cc1
GPG key ID:
12E3D2136B818350
2 changed files with 19 additions and 0 deletions
|
|
@ -18,6 +18,9 @@ files = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for group, attrs in node.metadata.get('groups', {}).items():
|
||||||
|
groups[group] = attrs
|
||||||
|
|
||||||
for username, attrs in node.metadata['users'].items():
|
for username, attrs in node.metadata['users'].items():
|
||||||
home = attrs.get('home', '/home/{}'.format(username))
|
home = attrs.get('home', '/home/{}'.format(username))
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,6 +29,15 @@ nodes['home.nas'] = {
|
||||||
'backup-server': {
|
'backup-server': {
|
||||||
'zfs-base': 'storage/backups',
|
'zfs-base': 'storage/backups',
|
||||||
},
|
},
|
||||||
|
'cron': {
|
||||||
|
# Ensure every user is able to read and write to the NAS dataset.
|
||||||
|
'chown_nas': '0 3 * * * root chown -R :nas /storage/nas/',
|
||||||
|
'chmod_nas_group': '0 4 * * * root chmod -R g+rw /storage/nas',
|
||||||
|
'chmod_nas_others': '0 4 * * * root chmod -R o-rwx /storage/nas',
|
||||||
|
},
|
||||||
|
'groups': {
|
||||||
|
'nas': {},
|
||||||
|
},
|
||||||
'nfs-server': {
|
'nfs-server': {
|
||||||
'shares': {
|
'shares': {
|
||||||
'/storage/nas': {
|
'/storage/nas': {
|
||||||
|
|
@ -64,6 +73,13 @@ nodes['home.nas'] = {
|
||||||
'kunsi': {
|
'kunsi': {
|
||||||
'groups': {
|
'groups': {
|
||||||
'libvirt',
|
'libvirt',
|
||||||
|
'nas',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'sophie': {
|
||||||
|
'groups': {
|
||||||
|
'libvirt',
|
||||||
|
'nas',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue