ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add virusfilter support to Samba shares and configure ClamAV database checks

Browse Source
This commit is contained in:
Christoph
2026-05-26 14:18:36 +02:00
parent 1f78326503
commit 56a2c8464f
2 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
host_vars/file-km-neu.anw-km.netz.yml
+12
View File
@@ -661,6 +661,7 @@ samba_shares:
group_write_list: a-jur group_write_list: a-jur
file_create_mask: !!str 664 file_create_mask: !!str 664
dir_create_mask: !!str 2775 dir_create_mask: !!str 2775
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -672,6 +673,7 @@ samba_shares:
group_write_list: kanzlei group_write_list: kanzlei
file_create_mask: !!str 664 file_create_mask: !!str 664
dir_create_mask: !!str 2775 dir_create_mask: !!str 2775
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -692,6 +694,7 @@ samba_shares:
group_write_list: wildvang group_write_list: wildvang
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -703,6 +706,7 @@ samba_shares:
# group_write_list: aulmann # group_write_list: aulmann
# file_create_mask: !!str 660 # file_create_mask: !!str 660
# dir_create_mask: !!str 2770 # dir_create_mask: !!str 2770
# vfs_object_virusfilter: true
# vfs_object_recycle: true # vfs_object_recycle: true
# recycle_path: '@Recycle' # recycle_path: '@Recycle'
# vfs_object_recycle_is_visible: true # vfs_object_recycle_is_visible: true
@@ -714,6 +718,7 @@ samba_shares:
# group_write_list: howe # group_write_list: howe
# file_create_mask: !!str 660 # file_create_mask: !!str 660
# dir_create_mask: !!str 2770 # dir_create_mask: !!str 2770
# vfs_object_virusfilter: true
# vfs_object_recycle: true # vfs_object_recycle: true
# recycle_path: '@Recycle' # recycle_path: '@Recycle'
# vfs_object_recycle_is_visible: true # vfs_object_recycle_is_visible: true
@@ -725,6 +730,7 @@ samba_shares:
group_write_list: stahmann group_write_list: stahmann
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -736,6 +742,7 @@ samba_shares:
group_write_list: traine group_write_list: traine
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -747,6 +754,7 @@ samba_shares:
group_write_list: public group_write_list: public
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -758,6 +766,7 @@ samba_shares:
group_write_list: advoware group_write_list: advoware
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -769,6 +778,7 @@ samba_shares:
group_write_list: intern group_write_list: intern
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: false vfs_object_recycle_is_visible: false
@@ -780,6 +790,7 @@ samba_shares:
group_write_list: alle group_write_list: alle
file_create_mask: !!str 660 file_create_mask: !!str 660
dir_create_mask: !!str 2770 dir_create_mask: !!str 2770
vfs_object_virusfilter: true
vfs_object_recycle: true vfs_object_recycle: true
recycle_path: '@Recycle' recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true vfs_object_recycle_is_visible: true
@@ -791,6 +802,7 @@ samba_shares:
# group_write_list: web # group_write_list: web
# file_create_mask: !!str 660 # file_create_mask: !!str 660
# dir_create_mask: !!str 2770 # dir_create_mask: !!str 2770
# vfs_object_virusfilter: true
# vfs_object_recycle: true # vfs_object_recycle: true
# recycle_path: '@Recycle' # recycle_path: '@Recycle'
roles/common/tasks/samba-config-server.yml
+37
View File
@@ -58,6 +58,43 @@
- samba-server - samba-server
- samba-virusfilter - samba-virusfilter
- name: (samba-install.yml) Check if ClamAV virus databases are present
find:
paths: /var/lib/clamav
patterns:
- "*.cvd"
- "*.cld"
register: clamav_db_files
when:
- inventory_hostname in groups['samba_server']
- samba_shares | selectattr('vfs_object_virusfilter', 'defined') | selectattr('vfs_object_virusfilter', 'equalto', true) | list | length > 0
tags:
- samba-server
- samba-virusfilter
- name: (samba-install.yml) Stop clamav-freshclam service before initial database download
service:
name: clamav-freshclam
state: stopped
failed_when: false
when:
- inventory_hostname in groups['samba_server']
- samba_shares | selectattr('vfs_object_virusfilter', 'defined') | selectattr('vfs_object_virusfilter', 'equalto', true) | list | length > 0
- clamav_db_files.files | length == 0
tags:
- samba-server
- samba-virusfilter
- name: (samba-install.yml) Download initial ClamAV virus databases via freshclam
command: freshclam
when:
- inventory_hostname in groups['samba_server']
- samba_shares | selectattr('vfs_object_virusfilter', 'defined') | selectattr('vfs_object_virusfilter', 'equalto', true) | list | length > 0
- clamav_db_files.files | length == 0
tags:
- samba-server
- samba-virusfilter
- name: (samba-install.yml) Ensure clamav-daemon and clamav-freshclam services are enabled - name: (samba-install.yml) Ensure clamav-daemon and clamav-freshclam services are enabled
service: service:
name: "{{ item }}" name: "{{ item }}"