From 2d1372fe2aa2667c32f658be0b575cc5341fcd3b Mon Sep 17 00:00:00 2001
From: Dimitri Savineau <dsavinea@redhat.com>
Date: Thu, 26 Sep 2019 12:44:03 -0400
Subject: [PATCH] ceph-nfs: Allow to configure SecType value

Depending on the infrastruture (w/o kerberos auth) then the SecType
value could be different.
Currently this value is hardcoded in the NFS Ganesha template. Instead
we can use a variable.
The default value is still the same to avoid breaking the backward
compatibility.

Closes: #4459

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit ca77d7bd317da75404ef4ee7143c7412d6ae63ee)
---
 group_vars/nfss.yml.sample               | 2 ++
 roles/ceph-nfs/defaults/main.yml         | 2 ++
 roles/ceph-nfs/templates/ganesha.conf.j2 | 4 ++--
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/group_vars/nfss.yml.sample b/group_vars/nfss.yml.sample
index 6b60d8422..e3820bdb7 100644
--- a/group_vars/nfss.yml.sample
+++ b/group_vars/nfss.yml.sample
@@ -79,6 +79,7 @@ dummy:
 #ceph_nfs_ceph_access_type: "RW"
 #ceph_nfs_ceph_user: "admin"
 #ceph_nfs_ceph_squash: "Root_Squash"
+#ceph_nfs_ceph_sectype: "sys,krb5,krb5i,krb5p"
 
 ###################
 # FSAL RGW Config #
@@ -89,6 +90,7 @@ dummy:
 #ceph_nfs_rgw_access_type: "RW"
 #ceph_nfs_rgw_user: "cephnfs"
 #ceph_nfs_rgw_squash: "Root_Squash"
+#ceph_nfs_rgw_sectype: "sys,krb5,krb5i,krb5p"
 # Note: keys are optional and can be generated, but not on containerized, where
 # they must be configered.
 #ceph_nfs_rgw_access_key: "QFAMEDSJP5DEKJO0DDXY"
diff --git a/roles/ceph-nfs/defaults/main.yml b/roles/ceph-nfs/defaults/main.yml
index 94823bf73..adc9f5b14 100644
--- a/roles/ceph-nfs/defaults/main.yml
+++ b/roles/ceph-nfs/defaults/main.yml
@@ -71,6 +71,7 @@ ceph_nfs_ceph_protocols: "3,4"
 ceph_nfs_ceph_access_type: "RW"
 ceph_nfs_ceph_user: "admin"
 ceph_nfs_ceph_squash: "Root_Squash"
+ceph_nfs_ceph_sectype: "sys,krb5,krb5i,krb5p"
 
 ###################
 # FSAL RGW Config #
@@ -81,6 +82,7 @@ ceph_nfs_rgw_protocols: "3,4"
 ceph_nfs_rgw_access_type: "RW"
 ceph_nfs_rgw_user: "cephnfs"
 ceph_nfs_rgw_squash: "Root_Squash"
+ceph_nfs_rgw_sectype: "sys,krb5,krb5i,krb5p"
 # Note: keys are optional and can be generated, but not on containerized, where
 # they must be configered.
 #ceph_nfs_rgw_access_key: "QFAMEDSJP5DEKJO0DDXY"
diff --git a/roles/ceph-nfs/templates/ganesha.conf.j2 b/roles/ceph-nfs/templates/ganesha.conf.j2
index 5c9f25f9d..9ac40126d 100644
--- a/roles/ceph-nfs/templates/ganesha.conf.j2
+++ b/roles/ceph-nfs/templates/ganesha.conf.j2
@@ -57,7 +57,7 @@ EXPORT
 
 	Transports = TCP;
 
-	SecType = sys,krb5,krb5i,krb5p;
+	SecType = {{ ceph_nfs_ceph_sectype }};
 
 	Squash = {{ ceph_nfs_ceph_squash }};
 
@@ -86,7 +86,7 @@ EXPORT
 
 	Transports = TCP;
 
-	SecType = sys,krb5,krb5i,krb5p;
+	SecType = {{ ceph_nfs_rgw_sectype }};
 
 	Squash = {{ ceph_nfs_rgw_squash }};