120 lines
3.7 KiB
YAML
120 lines
3.7 KiB
YAML
driver: freenas-smb
|
|
instance_id:
|
|
httpConnection:
|
|
protocol: http
|
|
host: server address
|
|
port: 80
|
|
# use only 1 of apiKey or username/password
|
|
# if both are present, apiKey is preferred
|
|
# apiKey is only available starting in TrueNAS-12
|
|
#apiKey:
|
|
username: root
|
|
password:
|
|
allowInsecure: true
|
|
# use apiVersion 2 for TrueNAS-12 and up (will work on 11.x in some scenarios as well)
|
|
# leave unset for auto-detection
|
|
#apiVersion: 2
|
|
sshConnection:
|
|
host: server address
|
|
port: 22
|
|
username: root
|
|
# use either password or key
|
|
password: ""
|
|
privateKey: |
|
|
-----BEGIN RSA PRIVATE KEY-----
|
|
...
|
|
-----END RSA PRIVATE KEY-----
|
|
zfs:
|
|
# can be used to override defaults if necessary
|
|
# the example below is useful for TrueNAS 12
|
|
#cli:
|
|
# sudoEnabled: true
|
|
#
|
|
# leave paths unset for auto-detection
|
|
# paths:
|
|
# zfs: /usr/local/sbin/zfs
|
|
# zpool: /usr/local/sbin/zpool
|
|
# sudo: /usr/local/bin/sudo
|
|
# chroot: /usr/sbin/chroot
|
|
|
|
# can be used to set arbitrary values on the dataset/zvol
|
|
# can use handlebars templates with the parameters from the storage class/CO
|
|
#datasetProperties:
|
|
# "org.freenas:description": "{{ parameters.[csi.storage.k8s.io/pvc/namespace] }}/{{ parameters.[csi.storage.k8s.io/pvc/name] }}"
|
|
# "org.freenas:test": "{{ parameters.foo }}"
|
|
# "org.freenas:test2": "some value"
|
|
|
|
datasetProperties:
|
|
aclmode: restricted
|
|
aclinherit: passthrough
|
|
acltype: nfsv4
|
|
casesensitivity: insensitive
|
|
|
|
datasetParentName: tank/k8s/a/vols
|
|
# do NOT make datasetParentName and detachedSnapshotsDatasetParentName overlap
|
|
# they may be siblings, but neither should be nested in the other
|
|
# do NOT comment this option out even if you don't plan to use snapshots, just leave it with dummy value
|
|
detachedSnapshotsDatasetParentName: tank/k8s/a/snaps
|
|
datasetEnableQuotas: true
|
|
datasetEnableReservation: false
|
|
datasetPermissionsMode: "0770"
|
|
|
|
# as appropriate create a dedicated user for smb connections
|
|
# and set this
|
|
datasetPermissionsUser: 65534
|
|
datasetPermissionsGroup: 65534
|
|
|
|
# CORE
|
|
#datasetPermissionsAclsBinary: setfacl
|
|
|
|
# SCALE
|
|
#datasetPermissionsAclsBinary: nfs4xdr_setfacl
|
|
|
|
# if using a user other than guest/nobody comment the 'everyone@' acl
|
|
# and uncomment the appropriate block below
|
|
datasetPermissionsAcls:
|
|
- "-m everyone@:full_set:fd:allow"
|
|
|
|
# CORE
|
|
# in CORE you cannot have multiple entries for the same principle
|
|
# or said differently, they are declarative so using -m will replace
|
|
# whatever the current value is for the principle rather than adding a
|
|
# entry in the acl list
|
|
#- "-m g:builtin_users:full_set:fd:allow"
|
|
#- "-m group@:modify_set:fd:allow"
|
|
#- "-m owner@:full_set:fd:allow"
|
|
|
|
# SCALE
|
|
# https://www.truenas.com/community/threads/get-setfacl-on-scale-with-nfsv4-acls.95231/
|
|
# -s replaces everything
|
|
# so we put this in specific order to mimic the defaults of SCALE when using the api
|
|
#- -s group:builtin_users:full_set:fd:allow
|
|
#- -a group:builtin_users:modify_set:fd:allow
|
|
#- -a group@:modify_set:fd:allow
|
|
#- -a owner@:full_set:fd:allow
|
|
|
|
smb:
|
|
shareHost: server address
|
|
nameTemplate: ""
|
|
namePrefix: ""
|
|
nameSuffix: ""
|
|
|
|
# if any of the shareFoo parameters do not work with your version of FreeNAS
|
|
# simply comment the param (and use the configuration template if necessary)
|
|
|
|
shareAuxiliaryConfigurationTemplate: |
|
|
#guest ok = yes
|
|
#guest only = yes
|
|
shareHome: false
|
|
shareAllowedHosts: []
|
|
shareDeniedHosts: []
|
|
#shareDefaultPermissions: true
|
|
shareGuestOk: false
|
|
#shareGuestOnly: true
|
|
#shareShowHiddenFiles: true
|
|
shareRecycleBin: true
|
|
shareBrowsable: false
|
|
shareAccessBasedEnumeration: true
|
|
shareTimeMachine: false
|
|
#shareStorageTask:
|