add lib_sftp role

configure the paths of access

roles/lib_sftp/README.md

@@ -0,0 +1,41 @@
+Role Name
+=========
+
+Configures the permissions and paths of an SFTP servers
+
+Requirements
+------------
+
+A Rocky Linux endpoint
+
+Role Variables
+--------------
+```ini
+sftp_user: "username"
+allowed_ssh_users:
+  - sftp_user
+```
+
+Dependencies
+------------
+
+the deploy_user role and the ad_join role
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/lib_sftp/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for roles/lib_sftp

roles/lib_sftp/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for roles/lib_sftp

roles/lib_sftp/meta/main.yml

@@ -0,0 +1,18 @@
+---
+galaxy_info:
+  role_name: lib_sftp
+  company: Princeton University Library
+  description: sftp server
+  author: pulibrary
+
+  license: MIT
+
+  min_ansible_version: 2.9
+
+  platforms:
+    - name: Rocky
+      versions:
+        - 9
+dependencies:
+  - role: "ad_join"
+  - role: "deploy_user"

roles/lib_sftp/molecule/default/converge.yml

@@ -0,0 +1,10 @@
+---
+- name: Converge
+  hosts: all
+  vars:
+    - running_on_server: false
+  become: true
+  tasks:
+    - name: "Include lib_sftp"
+      ansible.builtin.include_role:
+        name: lib_sftp

roles/lib_sftp/molecule/default/molecule.yml

@@ -0,0 +1,22 @@
+---
+scenario:
+  name: default
+driver:
+  name: docker
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+platforms:
+  - name: instance
+    image: "ghcr.io/pulibrary/pul_containers:rocky_multi"
+    command: "sleep infinity"
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  log: true
+verifier:
+  name: ansible

roles/lib_sftp/molecule/default/verify.yml

@@ -0,0 +1,20 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Check ruby package status
+      ansible.builtin.package:
+        name: "{{ item }}"
+        state: present
+      check_mode: true
+      register: pkg_status
+      loop:
+        - ruby-switch
+        - ruby2.6-dev
+        - ruby2.6
+
+    - name: Test for ruby packages
+      ansible.builtin.assert:
+        that:
+          - not pkg_status.changed

roles/lib_sftp/tasks/main.yml

@@ -0,0 +1,31 @@
+---
+# tasks file for roles/lib_sftp
+
+- name: Lib_sftp | create alma directory drop
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    recurse: true
+    owner: "{{ almasftp_user }}"
+    group: "domain users"
+    mode: "0755"
+  loop:
+    - "/alma/bursar"
+    - "/alma/datasync_processing"
+    - "/alma/fund_adjustment"
+    - "/alma/invoice_status"
+    - "/alma/invoices"
+    - "/alma/people"
+    - "/alma/pod"
+    - "/alma/publishing"
+    - "/alma/recap"
+    - "/alma/scsb_renewals"
+
+- name: Lib_sftp | create aspace directory drop
+  ansible.builtin.file:
+    path: /alma/aspace
+    state: directory
+    recurse: true
+    owner: "{{ aspaceftp_user }}"
+    group: "domain users"
+    mode: "0755"

roles/lib_sftp/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for roles/lib_sftp