From efe9500d79687f198e7066170c48d9760de5053e Mon Sep 17 00:00:00 2001 From: jbond Date: Mon, 17 Feb 2025 13:50:34 +0100 Subject: [PATCH 1/3] nfs::server: allow arrays for nfs_v4_export_root_clients The config for nfs_v4_export_root_clients looks horrible when you have multiple nfs clients. Update config to allow using arrays --- REFERENCE.md | 4 ++-- manifests/init.pp | 2 +- manifests/server.pp | 2 +- manifests/server/config.pp | 3 ++- spec/classes/nfs_spec.rb | 18 +++++++++++++++++- 5 files changed, 23 insertions(+), 6 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index a56766ed..dcefc5d6 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -377,7 +377,7 @@ Default value: `'/export'` ##### `nfs_v4_export_root_clients` -Data type: `String` +Data type: `Variant[String, Array[String]]` It defines the clients that are allowed to mount NFS version 4 exports and includes the option string. @@ -708,7 +708,7 @@ Default value: `$nfs::nfs_v4_export_root` ##### `nfs_v4_export_root_clients` -Data type: `String` +Data type: `Variant[String, Array[String]]` diff --git a/manifests/init.pp b/manifests/init.pp index 84238de0..26750c5b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -237,7 +237,7 @@ String $client_gssdopt_name = $nfs::params::client_gssdopt_name, Boolean $client_d9_gssdopt_workaround = false, String $nfs_v4_export_root = '/export', - String $nfs_v4_export_root_clients = "*.${facts['networking']['domain']}(ro,fsid=root,insecure,no_subtree_check,async,root_squash)", + Variant[String, Array[String]] $nfs_v4_export_root_clients = "*.${facts['networking']['domain']}(ro,fsid=root,insecure,no_subtree_check,async,root_squash)", String $nfs_v4_mount_root = '/srv', String $nfs_v4_idmap_domain = $nfs::params::nfs_v4_idmap_domain, Variant[String, Array] $nfs_v4_idmap_localrealms = '', # lint:ignore:params_empty_string_assignment diff --git a/manifests/server.pp b/manifests/server.pp index 68abf537..dfc431e6 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -25,7 +25,7 @@ Enum['present', 'absent', 'running', 'stopped', 'disabled'] $ensure = $nfs::ensure, Boolean $nfs_v4 = $nfs::nfs_v4, String $nfs_v4_export_root = $nfs::nfs_v4_export_root, - String $nfs_v4_export_root_clients = $nfs::nfs_v4_export_root_clients, + Variant[String, Array[String]] $nfs_v4_export_root_clients = $nfs::nfs_v4_export_root_clients, String $nfs_v4_idmap_domain = $nfs::nfs_v4_idmap_domain, String $nfs_v4_root_export_ensure = $nfs::nfs_v4_root_export_ensure, Optional[String] $nfs_v4_root_export_mount = $nfs::nfs_v4_root_export_mount, diff --git a/manifests/server/config.pp b/manifests/server/config.pp index d304fecb..a425604b 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -17,9 +17,10 @@ if $nfs::nfs_v4 { if $nfs::nfsv4_bindmount_enable { + $nfs_v4_clients = Array($nfs::server::nfs_v4_export_root_clients, true).join(' ') concat::fragment { 'nfs_exports_root': target => $nfs::exports_file, - content => "${nfs::server::nfs_v4_export_root} ${nfs::server::nfs_v4_export_root_clients}\n", + content => "${nfs::server::nfs_v4_export_root} ${nfs_v4_clients}\n", order => 2, } } diff --git a/spec/classes/nfs_spec.rb b/spec/classes/nfs_spec.rb index 4283b6d5..92421994 100644 --- a/spec/classes/nfs_spec.rb +++ b/spec/classes/nfs_spec.rb @@ -402,10 +402,26 @@ end end + context 'when nfs_v4_export_root_clients is an array' do + let(:params) { { nfs_v4: true, server_enabled: true, nfs_v4_export_root_clients: ['192.0.2.1', '192.0.2.2'] } } + + it do + is_expected.to contain_concat__fragment('nfs_exports_root'). + with_target('/etc/exports'). + with_content(%r{/export 192\.0\.2\.1 192\.0\.2\.2}) + end + end + context 'when nfs_v4 => true' do let(:params) { { nfs_v4: true, server_enabled: true, client_enabled: false, nfs_v4_idmap_domain: 'teststring' } } + let(:node) { 'test.local' } + + it do + is_expected.to contain_concat__fragment('nfs_exports_root'). + with_target('/etc/exports'). + with_content(%r{/export \*\.local\(ro,fsid=root,insecure,no_subtree_check,async,root_squash\)}) + end - it { is_expected.to contain_concat__fragment('nfs_exports_root').with('target' => '/etc/exports') } it { is_expected.to contain_file('/export').with('ensure' => 'directory') } it { is_expected.to contain_augeas('/etc/idmapd.conf').with_changes(%r{set General/Domain teststring}) } From 0731626e909ddb7439ea14d1e41914faa7a42df6 Mon Sep 17 00:00:00 2001 From: John Bond Date: Wed, 7 May 2025 18:10:42 +0200 Subject: [PATCH 2/3] Update manifests/init.pp Co-authored-by: Tim Meusel --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 26750c5b..ae234959 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -237,7 +237,7 @@ String $client_gssdopt_name = $nfs::params::client_gssdopt_name, Boolean $client_d9_gssdopt_workaround = false, String $nfs_v4_export_root = '/export', - Variant[String, Array[String]] $nfs_v4_export_root_clients = "*.${facts['networking']['domain']}(ro,fsid=root,insecure,no_subtree_check,async,root_squash)", + Variant[String[1], Array[String[1]]] $nfs_v4_export_root_clients = "*.${facts['networking']['domain']}(ro,fsid=root,insecure,no_subtree_check,async,root_squash)", String $nfs_v4_mount_root = '/srv', String $nfs_v4_idmap_domain = $nfs::params::nfs_v4_idmap_domain, Variant[String, Array] $nfs_v4_idmap_localrealms = '', # lint:ignore:params_empty_string_assignment From 6b9177c0498375c4331cfa61ee8715a7726fedcc Mon Sep 17 00:00:00 2001 From: John Bond Date: Wed, 7 May 2025 18:10:52 +0200 Subject: [PATCH 3/3] Update manifests/server.pp Co-authored-by: Tim Meusel --- manifests/server.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server.pp b/manifests/server.pp index dfc431e6..ed6fc3d0 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -25,7 +25,7 @@ Enum['present', 'absent', 'running', 'stopped', 'disabled'] $ensure = $nfs::ensure, Boolean $nfs_v4 = $nfs::nfs_v4, String $nfs_v4_export_root = $nfs::nfs_v4_export_root, - Variant[String, Array[String]] $nfs_v4_export_root_clients = $nfs::nfs_v4_export_root_clients, + Variant[String[1], Array[String[1]]] $nfs_v4_export_root_clients = $nfs::nfs_v4_export_root_clients, String $nfs_v4_idmap_domain = $nfs::nfs_v4_idmap_domain, String $nfs_v4_root_export_ensure = $nfs::nfs_v4_root_export_ensure, Optional[String] $nfs_v4_root_export_mount = $nfs::nfs_v4_root_export_mount,