Initialisation depot
This commit is contained in:
Serge NOEL
92
Migration/Ansible/roles/samba4-dc/tasks/pre_install.yml
Normal file
92
Migration/Ansible/roles/samba4-dc/tasks/pre_install.yml
Normal file
@@ -0,0 +1,92 @@
|
||||
---
|
||||
# Pre-installation tasks
|
||||
- name: Install required Samba packages
|
||||
apt:
|
||||
name:
|
||||
- samba
|
||||
- samba-dsdb-modules
|
||||
- samba-vfs-modules
|
||||
- winbind
|
||||
- libnss-winbind
|
||||
- libpam-winbind
|
||||
- krb5-config
|
||||
- krb5-user
|
||||
- dnsutils
|
||||
- acl
|
||||
- attr
|
||||
- ldb-tools
|
||||
- smbclient
|
||||
state: present
|
||||
|
||||
- name: Stop default Samba services
|
||||
systemd:
|
||||
name: "{{ item }}"
|
||||
state: stopped
|
||||
enabled: no
|
||||
loop:
|
||||
- smbd
|
||||
- nmbd
|
||||
- winbind
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Mask default Samba services to prevent conflicts
|
||||
systemd:
|
||||
name: "{{ item }}"
|
||||
masked: yes
|
||||
loop:
|
||||
- smbd
|
||||
- nmbd
|
||||
- winbind
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Check if server is already an Active Directory Domain Controller
|
||||
shell: |
|
||||
if [ -f /etc/samba/smb.conf ]; then
|
||||
grep -i "server role.*active directory domain controller" /etc/samba/smb.conf || echo "not_ad_dc"
|
||||
else
|
||||
echo "no_config"
|
||||
fi
|
||||
register: samba_role_check
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: Display current Samba role status
|
||||
debug:
|
||||
msg: |
|
||||
{% if 'active directory domain controller' in samba_role_check.stdout.lower() %}
|
||||
✅ Server is already configured as Active Directory Domain Controller
|
||||
⚠️ Skipping backup and cleanup to preserve existing AD configuration
|
||||
{% else %}
|
||||
ℹ️ Server is not configured as AD DC ({{ samba_role_check.stdout }})
|
||||
🔄 Will backup existing config and clean databases
|
||||
{% endif %}
|
||||
|
||||
- name: Backup existing Samba configuration
|
||||
copy:
|
||||
src: /etc/samba/smb.conf
|
||||
dest: /etc/samba/smb.conf.orig
|
||||
remote_src: yes
|
||||
backup: yes
|
||||
ignore_errors: yes
|
||||
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"
|
||||
|
||||
- name: Clean existing Samba databases
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- /var/lib/samba/private
|
||||
- /var/cache/samba
|
||||
- /etc/samba/smb.conf
|
||||
ignore_errors: yes
|
||||
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"
|
||||
|
||||
- name: Recreate Samba directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
loop:
|
||||
- /var/lib/samba
|
||||
- /var/cache/samba
|
||||
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"
|
||||
Reference in New Issue
Block a user