github.com/swiftstack/proxyfs@v0.0.0-20201223034610-5434d919416e/confgen/templates/smb_globals.tmpl

github.com/swiftstack/proxyfs@v0.0.0-20201223034610-5434d919416e/confgen/templates/smb_globals.tmpl (about)

     1  {{/* Declare our global variables.  Need Go 1.11+ */}}
     2  {{$AdIDCommentStr := ""}}
     3  {{$ADDisabledCommentStr := ""}}
     4  {{$EnabledIfNoAD := ";"}} {{/* If no AD, print this line */}}
     5  {{ if not .SMB.ADEnabled }}
     6  	{{$EnabledIfNoAD = ""}}
     7  	{{$ADDisabledCommentStr = ";"}}
     8  {{ end }}
     9  
    10  {{ if not .SMB.ADIDMgmt}}
    11  	{{$AdIDCommentStr = ";"}}
    12  {{ end }}
    13  
    14  [global]
    15  
    16  # ----------------------- Network-Related Options -------------------------
    17  {{ if .SMB.WorkGroup }}
    18  	workgroup = {{ .WorkGroup }}
    19  {{ end }}
    20  	interfaces = {{ .VirtualIPAddr }}
    21  	pid directory = /opt/ss/var/run/samba/{{ .VolumeGroupName }}
    22  	lock directory = /opt/ss/var/cache/samba/{{ .VolumeGroupName }}
    23  	private dir = /opt/ss/var/cache/samba/{{ .VolumeGroupName }}
    24  
    25  	server string = Samba Server Version %v
    26  	map to guest = {{ .SMB.MapToGuest }}
    27  
    28  	netbios name = {{ .VirtualHostName }}
    29  	server min protocol = {{ .SMB.ServerMinProtocol }}
    30  
    31  # --------------------------- Temporary Options -------------------------
    32  # Until we resolve permissions
    33  {{ $EnabledIfNoAD }}force user = root
    34  	
    35  
    36  # --------------------------- Logging Options -----------------------------
    37  
    38  	# log files split per-machine:
    39  	log file = /opt/ss/var/log/samba/log.%m
    40  	# maximum size of 50KB per log file, then rotate:
    41  	max log size = 50
    42  {{ if .SMB.AuditLogging }}
    43  	log level = full_audit:1
    44  {{ end }}
    45  
    46  # ----------------------- Standalone Server Options ------------------------
    47  	security = {{ .SMB.Security }}
    48  	{{ $EnabledIfNoAD }}passdb backend = tdbsam:/opt/ss/lib64/samba/passdb.tdb
    49  	restrict anonymous = 2
    50  	public = no
    51  	guest account = nobody
    52  	rpc_server:lsarpc = {{ .SMB.RPCServerLSARPC }}
    53  
    54  
    55  # ----------------------- Domain Members Options ------------------------
    56  {{ $ADDisabledCommentStr }}realm = {{ .SMB.ADRealm }}
    57  {{ $AdIDCommentStr }}winbind nss info = {{ .SMB.ADIDSchema }}
    58  winbind use default domain = yes
    59  winbind refresh tickets = yes
    60  winbind enum users = yes
    61  winbind enum groups = yes
    62  winbind expand groups = 5
    63  winbind nested groups = yes
    64  
    65  {{ $ADDisabledCommentStr }}idmap config *:backend = tdb
    66  {{ $ADDisabledCommentStr }}idmap config *:range = {{ .SMB.ADIDMapDefaultMin }} - {{ .SMB.ADIDMapDefaultMax }}
    67  
    68  {{ $ADDisabledCommentStr }}idmap config {{ .SMB.WorkGroup }}:backend = {{ .SMB.ADBackEnd }}
    69  {{ $ADDisabledCommentStr }}idmap config {{ .SMB.WorkGroup }}:default = yes
    70  {{ $ADDisabledCommentStr }}idmap config {{ .SMB.WorkGroup }}:range = {{ .SMB.ADIDMapWorkgroupMin }} - {{ .SMB.ADIDMapWorkgroupMax }}
    71  
    72  {{ $ADDisabledCommentStr }}template shell = /sbin/nologin
    73  {{ $ADDisabledCommentStr }}domain master = no
    74  {{ $ADDisabledCommentStr }}preferred master = no
    75  	  	 	  
    76  {{ $ADDisabledCommentStr }}kerberos method = secrets and keytab
    77  
    78  
    79  #----------------------------- Name Resolution -------------------------------
    80  
    81  {{ $ADDisabledCommentStr }}wins server =
    82  {{ $ADDisabledCommentStr }}remote announce = {{ .SMB.BrowserAnnounce }}/{{ .SMB.WorkGroup }}
    83  
    84  # --------------------------- ProxyFS Options ---------------------------
    85  
    86  	proxyfs:PrivateIPAddr = {{ .VirtualIPAddr }}
    87  	proxyfs:TCPPort = {{ .SMB.TCPPort }}
    88  	proxyfs:FastTCPPort = {{ .SMB.FastTCPPort }}
    89