mirror of https://github.com/de-it-krachten/ansible-role-nfs synced 2026-05-14 11:51:49 +00:00

No description

Jinja 100%

Find a file

semantic-release-bot fbcb68b17b chore(release): 1.11.0 [skip ci] # [1.11.0](https://github.com/de-it-krachten/ansible-role-nfs/compare/v1.10.0...v1.11.0) (2026-03-15) ### Features * Added support for Fedora 43 ([`3a9f942`](`3a9f942c9d`)) * Drop support for Debian 10 (Buster) ([`4561829`](`456182988d`)) * Drop support for Fedora 41 ([`96d2bb0`](`96d2bb0991`)) * Drop support for SUSE Linux Enterprise 15 ([`2c230c1`](`2c230c124d`))		2026-03-15 11:39:25 +00:00
.github/workflows	Update CI	2026-03-14 19:45:55 +01:00
defaults	feat: Add NFS v4 ACL tools	2025-03-14 20:56:26 +01:00
handlers	fix: Change code in favour of earlier OS defaults	2023-04-03 16:51:54 +02:00
meta	Update CI	2026-03-14 19:45:55 +01:00
molecule/default	Update CI	2026-03-14 19:45:55 +01:00
tasks	feat: Add optional removal of NFS mount only	2024-04-12 21:36:10 +02:00
templates	Refactor to support server+server+kerberos	2021-10-18 00:20:33 +02:00
.ansible-lint	feat: Update CI to latest standards	2022-10-09 01:18:24 +02:00
.cicd	Update CI	2026-03-06 22:53:01 +01:00
.cicd.overwrite	Update CI	2026-03-14 19:45:55 +01:00
.collections	fix: Fix for correctly resolving default vars	2024-02-02 12:03:06 +01:00
.gitignore	feat: Update supported platforms & CI	2024-12-29 02:23:03 +01:00
.releaserc.yml	Update CI	2026-03-06 22:53:01 +01:00
.roles	feat: Update CI to latest standards	2022-10-09 01:18:24 +02:00
.yamllint	feat: Update supported platforms & CI	2024-12-29 02:23:03 +01:00
CHANGELOG.md	chore(release): 1.11.0 [skip ci]	2026-03-15 11:39:25 +00:00
README.md	Update CI	2026-03-14 19:45:55 +01:00

README.md

ansible-role-nfs

Install NFS server/client versions v3/v4

Dependencies

Roles

None

Collections

ansible.posix

Platforms

Supported platforms

Red Hat Enterprise Linux 8¹
Red Hat Enterprise Linux 9¹
Red Hat Enterprise Linux 10¹
CentOS 7¹
RockyLinux 8
RockyLinux 9
RockyLinux 10
OracleLinux 8
OracleLinux 9
OracleLinux 10
AlmaLinux 8
AlmaLinux 9
AlmaLinux 10
Debian 11 (Bullseye)¹
Debian 12 (Bookworm)¹
Debian 13 (Trixie)
Ubuntu 18.04 LTS¹
Ubuntu 20.04 LTS¹
Ubuntu 22.04 LTS¹
Ubuntu 24.04 LTS
Fedora 42
Fedora 43

Note: ¹ : no automated testing is performed on these platforms

Role Variables

defaults/main.yml


# Install/confire NFS server
nfs_server: false

# Install/confire NFS client
nfs_client: true

# Configure NFS to use KRB5 (kerberos)
nfs_krb5: false

# Open firewall ports
nfs_firewall: true

# List of NFS exports to share on server
nfs_exports: []

# List of NFS mount to setup on clients
nfs_mounts: []

# Exclude this mount if this string is found in the source name/ip
nfs_mount_exclude: DUMMY

# Only perform NFS mount removals on clients
nfs_umount_only: false

# Enable the use of home directories located on remote NFS exports
# This will set the appropiate SELinux boolean
nfs_home_dir: false

# NFS implementation(s) to use
nfs_v3: false
nfs_v4: true

# Ports to use to make NFS v3 work through firewall
nfs_statd_port: "32766"
nfs_mountd_port: "32767"
nfs_lockd_port: "32768"

# List of NFS v3 ports
nfs_v3_server_firewall_ports:
  - port: '2049'
    proto: tcp
  - port: '111'
    proto: tcp
  - port: '111'
    proto: udp
  - port: "{{ nfs_statd_port }}"
    proto: tcp
  - port: "{{ nfs_statd_port }}"
    proto: udp
  - port: "{{ nfs_mountd_port }}"
    proto: tcp
  - port: "{{ nfs_mountd_port }}"
    proto: udp
  - port: "{{ nfs_lockd_port }}"
    proto: tcp
  - port: "{{ nfs_lockd_port }}"
    proto: udp

# List of NFS v4 ports
nfs_v4_server_firewall_ports:
  - port: '2049'
    proto: tcp

defaults/family-Debian.yml


# Install/confire NFS server
nfs_server: false

# Install/confire NFS client
nfs_client: true

# Configure NFS to use KRB5 (kerberos)
nfs_krb5: false

# Open firewall ports
nfs_firewall: true

# List of NFS mount
nfs_mounts: []

# Exclude this mount if this string is found in the source name/ip
nfs_mount_exclude: DUMMY

# Enable the use of home directories located on remote NFS exports
# This will set the appropiate SELinux boolean
nfs_home_dir: false

# NFS implementation(s) to use
nfs_v3: false
nfs_v4: true

# Ports to use to make NFS v3 work through firewall
nfs_statd_port: "32766"
nfs_mountd_port: "32767"
nfs_lockd_port: "32768"

# List of NFS v3 ports
nfs_v3_server_firewall_ports:
  - port: '2049'
    proto: tcp
  - port: '111'
    proto: tcp
  - port: '111'
    proto: udp
  - port: "{{ nfs_statd_port }}"
    proto: tcp
  - port: "{{ nfs_statd_port }}"
    proto: udp
  - port: "{{ nfs_mountd_port }}"
    proto: tcp
  - port: "{{ nfs_mountd_port }}"
    proto: udp
  - port: "{{ nfs_lockd_port }}"
    proto: tcp
  - port: "{{ nfs_lockd_port }}"
    proto: udp

# List of NFS v4 ports
nfs_v4_server_firewall_ports:
  - port: '2049'
    proto: 'tcp'

# Server packages
nfs_server_packages:
  - nfs-kernel-server
  - procps
  - nfs4-acl-tools

# Server packages for kerberos support
nfs_server_packages_krb5:
  - gssproxy

# Client packages
nfs_client_packages:
  - nfs-common
  - nfs4-acl-tools

# Server services
nfs_server_services:
  - nfs-kernel-server

# Server services for kerberos support
nfs_server_services_krb5:
  - rpc-gssd

# Client services for kerberos support
nfs_client_services_krb5:
  - rpc-gssd

defaults/family-RedHat.yml


# Install/confire NFS server
nfs_server: false

# Install/confire NFS client
nfs_client: true

# Configure NFS to use KRB5 (kerberos)
nfs_krb5: false

# Open firewall ports
nfs_firewall: true

# List of NFS mount
nfs_mounts: []

# Exclude this mount if this string is found in the source name/ip
nfs_mount_exclude: DUMMY

# Enable the use of home directories located on remote NFS exports
# This will set the appropiate SELinux boolean
nfs_home_dir: false

# NFS implementation(s) to use
nfs_v3: false
nfs_v4: true

# Ports to use to make NFS v3 work through firewall
nfs_statd_port: "32766"
nfs_mountd_port: "32767"
nfs_lockd_port: "32768"

# List of NFS v3 ports
nfs_v3_server_firewall_ports:
  - port: '2049'
    proto: tcp
  - port: '111'
    proto: tcp
  - port: '111'
    proto: udp
  - port: "{{ nfs_statd_port }}"
    proto: tcp
  - port: "{{ nfs_statd_port }}"
    proto: udp
  - port: "{{ nfs_mountd_port }}"
    proto: tcp
  - port: "{{ nfs_mountd_port }}"
    proto: udp
  - port: "{{ nfs_lockd_port }}"
    proto: tcp
  - port: "{{ nfs_lockd_port }}"
    proto: udp

# List of NFS v4 ports
nfs_v4_server_firewall_ports:
  - service: 'nfs'
    proto: tcp
  - service: 'mountd'
    proto: tcp
  - service: 'rpc-bind'
    proto: tcp

# Server packages
nfs_server_packages:
  - nfs-utils
  - nfs4-acl-tools

# Server packages for kerberos support
nfs_server_packages_krb5:
  - gssproxy

# Client packages
nfs_client_packages:
  - nfs-utils
  - nfs4-acl-tools

# Server services
nfs_server_services:
  - rpcbind
  - nfs-server

# Server services for kerberos support
nfs_server_services_krb5:
  - gssproxy
  - rpc-gssd

# Client services for kerberos support
nfs_client_services_krb5:
  - gssproxy
  - rpc-gssd

defaults/family-Suse.yml


# Install/confire NFS server
nfs_server: false

# Install/confire NFS client
nfs_client: true

# Configure NFS to use KRB5 (kerberos)
nfs_krb5: false

# Open firewall ports
nfs_firewall: true

# List of NFS mount
nfs_mounts: []

# Exclude this mount if this string is found in the source name/ip
nfs_mount_exclude: DUMMY

# Enable the use of home directories located on remote NFS exports
# This will set the appropiate SELinux boolean
nfs_home_dir: false

# NFS implementation(s) to use
nfs_v3: false
nfs_v4: true

# Ports to use to make NFS v3 work through firewall
nfs_statd_port: "32766"
nfs_mountd_port: "32767"
nfs_lockd_port: "32768"

# List of NFS v3 ports
nfs_v3_server_firewall_ports:
  - port: '2049'
    proto: tcp
  - port: '111'
    proto: tcp
  - port: '111'
    proto: udp
  - port: "{{ nfs_statd_port }}"
    proto: tcp
  - port: "{{ nfs_statd_port }}"
    proto: udp
  - port: "{{ nfs_mountd_port }}"
    proto: tcp
  - port: "{{ nfs_mountd_port }}"
    proto: udp
  - port: "{{ nfs_lockd_port }}"
    proto: tcp
  - port: "{{ nfs_lockd_port }}"
    proto: udp

# List of NFS v4 ports
nfs_v4_server_firewall_ports:
  - service: 'nfs'
    proto: tcp
  - service: 'mountd'
    proto: tcp
  - service: 'rpc-bind'
    proto: tcp

# Server packages
nfs_server_packages:
  - nfs-kernel-server
  - nfs4-acl-tools

# Server packages for kerberos support
nfs_server_packages_krb5:
  - gssproxy

# Client packages
nfs_client_packages:
  - nfs-client
  - nfs4-acl-tools

# Server services
nfs_server_services:
  - rpcbind
  - nfs-server

# Server services for kerberos support
nfs_server_services_krb5:
  - gssproxy
  - rpc-gssd

# Client services for kerberos support
nfs_client_services_krb5:
  - gssproxy
  - rpc-gssd

Example Playbook

molecule/default/converge.yml


- name: sample playbook for role 'nfs'
  hosts: all
  become: true
  tasks: null
- name: sample playbook for role 'nfs'
  hosts: nfs_servers
  become: true
  vars:
    nfs_v3: false
    nfs_v4: true
    __nfs_server: '{{ groups[''nfs_servers''] | first }}'
    __nfs_client: '{{ groups[''nfs_clients''] | first }}'
    export_path: /export/test
    clients: '{{ [ ( inventory_hostname | regex_replace(''-server'', ''-client''))
      ] }}'
  tasks:
    - name: Create path to export
      ansible.builtin.file:
        path: '{{ export_path }}'
        state: directory
        mode: '0755'
    - name: Setup NFS server
      ansible.builtin.include_role:
        name: nfs
      vars:
        nfs_server: true
        nfs_exports: []
    - name: Setup NFS server
      ansible.builtin.include_role:
        name: nfs
      vars:
        nfs_server: true
        nfs_exports:
          - path: '{{ export_path }}'
            clients: '{{ clients }}'
            options: rw,sync,no_root_squash
    - name: Setup NFS server
      ansible.builtin.include_role:
        name: nfs
      vars:
        nfs_server: true
        nfs_exports: []
- name: sample playbook for role 'nfs'
  hosts: nfs_clients
  become: true
  vars:
    nfs_v3: false
    nfs_v4: true
    __nfs_server: '{{ groups[''nfs_servers''] | first }}'
    __nfs_client: '{{ groups[''nfs_clients''] | first }}'
    export_path: /export/test
    server: '{{ ( inventory_hostname | regex_replace(''-client'', ''-server'')) }}'
  tasks:
    - name: Setup NFS client
      ansible.builtin.include_role:
        name: nfs
      vars:
        nfs_server: false
        nfs_mounts:
          - src: '{{ server }}:{{ export_path }}'
            target: /mnt
            type: nfs
            options: rw,sync