Update to 2021-01-14 20:00

master
Daniel Berteaud 4 years ago
parent 58aa39fca8
commit 39e6608304
  1. 13
      roles/samba/defaults/main.yml
  2. 3
      roles/samba/tasks/conf.yml
  3. 4
      roles/samba/tasks/directory.yml
  4. 2
      roles/samba/templates/filebeat.yml.j2
  5. 3
      roles/samba/templates/smb.conf.j2

@ -17,11 +17,14 @@ samba_role: member
# log level directive in smb.conf # log level directive in smb.conf
samba_log_level: > samba_log_level: >
1 1
auth_audit:3 auth_audit:3@/var/log/samba/auth.log
auth_json_audit:4@/var/log/samba/audit_auth.log auth_json_audit:4@/var/log/samba/json/auth.log
dsdb_json_audit:4@/var/log/samba/audit_dsdb.log dsdb_json_audit:4@/var/log/samba/json/dsdb.log
dsdb_password_json_audit:4@/var/log/samba/audit_dsdb_password.log dsdb_password_json_audit:4@/var/log/samba/json/dsdb_password.log
dsdb_transaction_json_audit:4@/var/log/samba/audit_dsdb_transaction.log dsdb_transaction_json_audit:4@/var/log/samba/json/dsdb_transaction.log
dns:3@/var/log/samba/dns.log
kerberos:2@/var/log/samba/kerberos.log
ldb:2@/var/log/samba/ldb.log
samba_serve_homes: False samba_serve_homes: False

@ -188,3 +188,6 @@
dest: /etc/backup/post.d/samba.sh dest: /etc/backup/post.d/samba.sh
tags: samba tags: samba
- name: Deploy logrotate configuration
template: src=logrotate.conf.j2 dest=/etc/logrotate.d/samba
tags: samba

@ -16,3 +16,7 @@
file: path=/etc/samba/smb.conf.d/ state=directory file: path=/etc/samba/smb.conf.d/ state=directory
tags: samba tags: samba
- name: Create JSON log dir
file: path=/var/log/samba/json state=directory
tags: samba

@ -1,7 +1,7 @@
- type: log - type: log
enabled: True enabled: True
paths: paths:
- /var/log/samba/audit_*.log - /var/log/samba/json/*.log
exclude_files: exclude_files:
- '\.[gx]z$' - '\.[gx]z$'
- '\.\d+$' - '\.\d+$'

@ -33,6 +33,9 @@
server max protocol = {{ samba_max_protocol }} server max protocol = {{ samba_max_protocol }}
{% endif %} {% endif %}
# Log rotation is handled by logrotate
max log size = 0
{% if samba_role == 'dc' or samba_role == 'rodc' %} {% if samba_role == 'dc' or samba_role == 'rodc' %}
tls dh params file = tls/dhparam.pem tls dh params file = tls/dhparam.pem
{% if samba_tls_cert is defined and samba_tls_key is defined %} {% if samba_tls_cert is defined and samba_tls_key is defined %}

Loading…
Cancel
Save