From cb4206c3b76557d8fd81090bb919db20ddb1cbcf Mon Sep 17 00:00:00 2001
From: Menno van Leeuwen <menno@vleeuwen.me>
Date: Tue, 11 Mar 2025 21:30:12 +0100
Subject: [PATCH] feat: replace CIFS configuration with SSHFS setup in Ansible
 tasks for improved flexibility

---
 config/ansible/tasks/servers/cifs.yml   | 45 ---------------------
 config/ansible/tasks/servers/server.yml |  4 +-
 config/ansible/tasks/servers/sshfs.yml  | 52 +++++++++++++++++++++++++
 3 files changed, 54 insertions(+), 47 deletions(-)
 delete mode 100644 config/ansible/tasks/servers/cifs.yml
 create mode 100644 config/ansible/tasks/servers/sshfs.yml

diff --git a/config/ansible/tasks/servers/cifs.yml b/config/ansible/tasks/servers/cifs.yml
deleted file mode 100644
index 5deb88f..0000000
--- a/config/ansible/tasks/servers/cifs.yml
+++ /dev/null
@@ -1,45 +0,0 @@
----
-- name: Configure CIFS
-  block:
-    - name: Install CIFS utilities
-      become: true
-      ansible.builtin.package:
-        name: cifs-utils
-        state: present
-
-    - name: Create mount point directory
-      become: true
-      ansible.builtin.file:
-        path: /mnt/storage-box
-        state: directory
-        mode: '0755'
-
-    - name: Create credentials file
-      become: true
-      ansible.builtin.copy:
-        dest: /root/.smbcredentials
-        content: |
-          username=u451316
-          password={{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/new_password') }}
-        mode: '0600'
-
-    - name: Add fstab entry for storage-box
-      become: true
-      ansible.builtin.lineinfile:
-        path: /etc/fstab
-        line: "//u451316.your-storagebox.de/backup /mnt/storage-box cifs credentials=/root/.smbcredentials,uid=1000,gid=100,iocharset=utf8,vers=3.0 0 0"
-        regexp: "^//u451316.your-storagebox.de/backup"
-        state: present
-      notify: Systemctl daemon-reload
-
-    - name: Mount storage-box
-      become: true
-      ansible.builtin.mount:
-        path: /mnt/storage-box
-        src: //u451316.your-storagebox.de/backup
-        fstype: cifs
-        opts: credentials=/root/.smbcredentials,uid=1000,gid=100,iocharset=utf8,vers=3.0
-        state: mounted
-
-    - name: Handlers
-      ansible.builtin.meta: flush_handlers
diff --git a/config/ansible/tasks/servers/server.yml b/config/ansible/tasks/servers/server.yml
index d143d75..8a33868 100644
--- a/config/ansible/tasks/servers/server.yml
+++ b/config/ansible/tasks/servers/server.yml
@@ -7,8 +7,8 @@
         state: present
       become: true
 
-    - name: Include cifs tasks
-      ansible.builtin.include_tasks: cifs.yml
+    - name: Include SSHFS tasks
+      ansible.builtin.include_tasks: sshfs.yml
       when: ansible_hostname == "mennos-cloud-server"
 
     - name: Include services tasks
diff --git a/config/ansible/tasks/servers/sshfs.yml b/config/ansible/tasks/servers/sshfs.yml
new file mode 100644
index 0000000..87504c5
--- /dev/null
+++ b/config/ansible/tasks/servers/sshfs.yml
@@ -0,0 +1,52 @@
+---
+- name: Configure SSHFS
+  block:
+    - name: Install SSHFS package
+      become: true
+      ansible.builtin.package:
+        name: sshfs
+        state: present
+
+    - name: Create mount point directory
+      become: true
+      ansible.builtin.file:
+        path: /mnt/storage-box
+        state: directory
+        mode: '0755'
+
+    - name: Create credentials file
+      become: true
+      ansible.builtin.copy:
+        dest: /root/.smbcredentials
+        content: |
+          username=u451316
+          password={{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/new_password') }}
+        mode: '0600'
+
+    - name: Create password file for SSHFS
+      become: true
+      ansible.builtin.copy:
+        dest: /root/.sshfs_password
+        content: "{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/new_password') }}"
+        mode: '0600'
+
+    - name: Add fstab entry for SSHFS mount
+      become: true
+      ansible.builtin.lineinfile:
+        path: /etc/fstab
+        line: "sshfs#{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/username') }}@{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/host') }}: /mnt/storage-box fuse.sshfs defaults,_netdev,port=23,password_stdin,password_file=/root/.sshfs_password,uid=1000,gid=100,reconnect,allow_other,ServerAliveInterval=15 0 0"
+        regexp: "^sshfs#.*{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/host') }}:"
+        state: present
+      notify: Systemctl daemon-reload
+
+    - name: Mount SSHFS storage
+      become: true
+      ansible.builtin.mount:
+        path: /mnt/storage-box
+        src: "sshfs#{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/username') }}@{{ lookup('onepassword', 'op://j7nmhqlsjmp2r6umly5t75hzb4/5j5y5axfjr3f3sn5nixb6htg4y/host') }}:"
+        fstype: fuse.sshfs
+        opts: "defaults,_netdev,port=23,password_stdin,password_file=/root/.sshfs_password,uid=1000,gid=100,reconnect,allow_other,ServerAliveInterval=15"
+        state: mounted
+
+    - name: Handlers
+      ansible.builtin.meta: flush_handlers