From 399d1370ac1e1288b4f2619caa8ac2291a84a3a2 Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Mon, 18 Apr 2022 14:54:48 +0200
Subject: [PATCH] properly scope shared variable spaces

---
 ad-server-replication/defaults/main.yml | 2 ++
 ad-server/defaults/main.yml             | 2 ++
 nfs-server/defaults/main.yml            | 4 ++++
 nfs-server/tasks/main.yml               | 8 ++++----
 4 files changed, 12 insertions(+), 4 deletions(-)
 create mode 100644 nfs-server/defaults/main.yml

diff --git a/ad-server-replication/defaults/main.yml b/ad-server-replication/defaults/main.yml
index e8197eb..47c2db1 100644
--- a/ad-server-replication/defaults/main.yml
+++ b/ad-server-replication/defaults/main.yml
@@ -3,3 +3,5 @@
 ad_admin_password: samba-admin
 smb_model_prefork: false
 smb_prefork_children: 4  # since it is default in 4.10
+smb_domain: "{{ domain.split('.')[0].upper() }}"
+REALM: "{{ domain.upper() }}"
diff --git a/ad-server/defaults/main.yml b/ad-server/defaults/main.yml
index e8197eb..47c2db1 100644
--- a/ad-server/defaults/main.yml
+++ b/ad-server/defaults/main.yml
@@ -3,3 +3,5 @@
 ad_admin_password: samba-admin
 smb_model_prefork: false
 smb_prefork_children: 4  # since it is default in 4.10
+smb_domain: "{{ domain.split('.')[0].upper() }}"
+REALM: "{{ domain.upper() }}"
diff --git a/nfs-server/defaults/main.yml b/nfs-server/defaults/main.yml
new file mode 100644
index 0000000..b242408
--- /dev/null
+++ b/nfs-server/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+nfs_krb: false
+nfs_krb_primary_ad_server: "{{ ad_primary|default(hostvars[groups['servers_ad'][0]]['ansible_host']) }}"
diff --git a/nfs-server/tasks/main.yml b/nfs-server/tasks/main.yml
index 1f7efdf..a3c4643 100644
--- a/nfs-server/tasks/main.yml
+++ b/nfs-server/tasks/main.yml
@@ -93,7 +93,7 @@
     - name: create service principal
       # yamllint disable-line rule:line-length
       command: samba-tool spn add "nfs/{{ ansible_fqdn }}" "{{ ansible_hostname | upper }}$"
-      delegate_to: "{{ hostvars[groups['servers_ad'][0]]['ansible_host'] }}"
+      delegate_to: "{{ nfs_krb_primary_ad_server }}"
       tags:
         - nfs-server
         - service-principal
@@ -103,7 +103,7 @@
       command: samba-tool domain exportkeytab "/root/{{ ansible_fqdn }}.keytab" --principal "nfs/{{ ansible_fqdn }}"
       args:
         creates: "/root/{{ ansible_fqdn }}.keytab"
-      delegate_to: "{{ hostvars[groups['servers_ad'][0]]['ansible_host'] }}"
+      delegate_to: "{{ nfs_krb_primary_ad_server }}"
       tags:
         - nfs-server
         - service-principal
@@ -112,7 +112,7 @@
       synchronize:
         src: "/root/{{ ansible_fqdn }}.keytab"
         dest: "/root/{{ ansible_fqdn }}.keytab"
-      delegate_to: "{{ hostvars[groups['servers_ad'][0]]['ansible_host'] }}"
+      delegate_to: "{{ nfs_krb_primary_ad_server }}"
       tags:
         - nfs-server
         - service-principal
@@ -144,7 +144,7 @@
       file:
         path: "/root/{{ ansible_fqdn }}.keytab"
         state: absent
-      delegate_to: "{{ hostvars[groups['servers_ad'][0]]['ansible_host'] }}"
+      delegate_to: "{{ nfs_krb_primary_ad_server }}"
       tags:
         - nfs-server
         - service-principal
-- 
GitLab