From 2eb43434fb439f12fcc00dfb66db8ca76884aef0 Mon Sep 17 00:00:00 2001
From: Markus Katharina Brechtel <markus.katharina.brechtel@thengo.net>
Date: Mon, 1 Mar 2021 01:14:34 +0100
Subject: [PATCH] acl

---
 acl.yaml               | 18 ++++++++++++++++
 templates/setacl.sh.j2 | 49 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 acl.yaml
 create mode 100755 templates/setacl.sh.j2

diff --git a/acl.yaml b/acl.yaml
new file mode 100644
index 0000000..16ec018
--- /dev/null
+++ b/acl.yaml
@@ -0,0 +1,18 @@
+---
+
+- hosts: kita-stjs-8
+  remote_user: root
+  tasks:
+
+    - name: debian packages
+      apt:
+        pkg: acl
+
+    - name: setacl script
+      template:
+        src: setacl.sh.j2
+        dest: /root/setacl.sh
+        mode: u=rwx
+
+    - name: run setacl script
+      command: /root/setacl.sh
diff --git a/templates/setacl.sh.j2 b/templates/setacl.sh.j2
new file mode 100755
index 0000000..ac4980e
--- /dev/null
+++ b/templates/setacl.sh.j2
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+{% for folder in shared_folders.keys() | list %}
+# {{folder}}
+
+mkdir -p "{{folder}}"
+
+{% if shared_folders[folder].owner is defined %}
+chown \
+{% if shared_folders[folder].recursive is defined and shared_folders[folder].recursive %}
+-R \
+{% endif %}
+"{{shared_folders[folder].owner}}" "{{folder}}"
+{% endif %}
+{% if shared_folders[folder].group is defined %}
+chgrp \
+{% if shared_folders[folder].recursive is defined and shared_folders[folder].recursive %}
+-R \
+{% endif %}
+"{{shared_folders[folder].group}}" "{{folder}}"
+{% endif %}
+
+{% if shared_folders[folder].acls is defined %}
+setfacl --remove-all \
+{% if shared_folders[folder].recursive is defined and shared_folders[folder].recursive %}
+--recursive \
+{% endif %}
+-m user::rwX \
+-m group::--- \
+-m other::--- \
+{% for acl in shared_folders[folder].acls %}
+-m {{acl}} \
+{% endfor %}
+"{{folder}}"
+
+setfacl --default \
+{% if shared_folders[folder].recursive is defined and shared_folders[folder].recursive %}
+--recursive \
+{% endif %}
+-m user::rwx \
+-m group::--- \
+-m other::--- \
+{% for acl in shared_folders[folder].acls %}
+-m {{acl}} \
+{% endfor %}
+"{{folder}}"
+{% endif %}
+
+{% endfor %}