community.general.crypttab – Encrypted Linux block devices
Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.crypttab
.
Synopsis
- Control Linux encrypted block devices that are set up during system boot in
/etc/crypttab
.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
backing_device string | Path to the underlying block device or file, or the UUID of a block-device prefixed with UUID=. | |
name string / required | Name of the encrypted block device as it appears in the /etc/crypttab file, or optionally prefixed with /dev/mapper/ , as it appears in the filesystem. /dev/mapper/ will be stripped from name. | |
opts string | A comma-delimited list of options. See crypttab(5 ) for details. | |
password path | Encryption password, the path to a file containing the password, or - or unset if the password should be entered at boot. | |
path path | Default: "/etc/crypttab" | Path to file to use instead of /etc/crypttab .This might be useful in a chroot environment. |
state string / required |
| Use present to add a line to /etc/crypttab or update its definition if already present.Use absent to remove a line with matching name. Use opts_present to add options to those already present; options with different values will be updated. Use opts_absent to remove options from the existing set. |
Examples
- name: Set the options explicitly a device which must already exist community.general.crypttab: name: luks-home state: present opts: discard,cipher=aes-cbc-essiv:sha256 - name: Add the 'discard' option to any existing options for all devices community.general.crypttab: name: '{{ item.device }}' state: opts_present opts: discard loop: '{{ ansible_mounts }}' when: "'/dev/mapper/luks-' in {{ item.device }}"
Authors
- Steve (@groks)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/crypttab_module.html