0

How can I write a playbook to

  1. Make sure both NFS server and client listen to same domain in /etc/idmapd.conf and confirmed with nfsidmap -d
[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if it differs from FQDN minus hostname
Domain = localdomain

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup
  1. Also Enable the id mapping in /sys/module/nfsd/parameters/nfs4_disable_idmapping

It is currently Y and I need it to be N. I tried running the playbook below but I get an error:

- hosts: localhost
  tasks:
    - name: Run command to enable id mapping
      become: true
      lineinfile:
        path: /sys/module/nfs/parameters/nfs4_disable_idmapping
        regexp: 'Y'
        line: 'N'
        state: present
  1. Finally Run the command nfsidmap -c
vidarlo
  • 3,775
  • 1
  • 12
  • 25
faheem
  • 1
  • 2

1 Answers1

0

For the CLI commands you can use shell – Execute shell commands on targets.

- name: Display the system's effective NFSv4 domain name on 'stdout'
  shell:
    cmd: nfsidmap -d
  register: result
  changed_when: false
  check_mode: false
  failed_when: result.rc != 0

- name: Show result
  debug:
    msg: "{{ result.stdout }}"

You may compare it then with Ansible Facts - ansible_domain and if gathered.

For your configuration file you could use a template – Template a file out to a target host idmapd.conf.j2.

[General]

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if it differs from FQDN minus hostname
Domain = {{ ansible_domain }}

[Mapping]

Nobody-User = nobody
Nobody-Group = nogroup

Looking into what exactly does nfs4_disable_idmapping parameter do there seems to be no need for your complex approach. Just make sure there is a file which contains N would be enough.

- name: Make sure ID mapping is enabled
  copy:
    content: 'N'
    dest: /sys/module/nfs/parameters/nfs4_disable_idmapping
U880D
  • 597
  • 7
  • 17