refactor nfs-server

now we are using automatically the machine user for creating the principles. It is untestet, because there is no host where we need a new encrypted nfs :(

refactor nfs-server
83e0b4a4 · Hinrikus Wolf · 097945f8 · 83e0b4a4
Commit 83e0b4a4 authored 7 years ago by Hinrikus Wolf
--- a/nfs-server/tasks/main.yml
+++ b/nfs-server/tasks/main.yml
@@ -65,25 +65,8 @@
    - service-principal
 - block:
-    - name: test if there is a nfs-user account
-      shell: samba-tool user list | grep nfs-user
-      register: nfsuser
-      failed_when: False
-      delegate_to: "{{ hostvars[groups['ad-server'][0]]['ansible_host'] }}"
-      tags:
-        - nfs-server
-        - service-principal
-    - name: ensure there is a nfs-user account
-      command: samba-tool user create nfs-user --random-password
-      when: nfsuser.rc == 1
-      delegate_to: "{{ hostvars[groups['ad-server'][0]]['ansible_host'] }}"
-      tags:
-        - nfs-server
-        - service-principal
    - name: create service principal
-      command: samba-tool spn add "nfs/{{ ansible_fqdn }}" nfs-user
+      command: samba-tool spn add "nfs/{{ ansible_fqdn }}" "{{ ansible_hostname | upper }}$"
      delegate_to: "{{ hostvars[groups['ad-server'][0]]['ansible_host'] }}"
      tags:
        - nfs-server