community.general.crypttab – Encrypted Linux block devices
Note
This plugin is part of the community.general collection (version 2.0.1).
To install it use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.crypttab
.
Synopsis
- Control Linux encrypted block devices that are set up during system boot in
/etc/crypttab
.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
backing_device string | Path to the underlying block device or file, or the UUID of a block-device prefixed with UUID=. | |
name string / required | Name of the encrypted block device as it appears in the /etc/crypttab file, or optionally prefixed with /dev/mapper/ , as it appears in the filesystem. /dev/mapper/ will be stripped from name. | |
opts string | A comma-delimited list of options. See crypttab(5 ) for details. | |
password path | Encryption password, the path to a file containing the password, or - or unset if the password should be entered at boot. | |
path path | Default: "/etc/crypttab" | Path to file to use instead of /etc/crypttab .This might be useful in a chroot environment. |
state string / required |
| Use present to add a line to /etc/crypttab or update its definition if already present.Use absent to remove a line with matching name. Use opts_present to add options to those already present; options with different values will be updated. Use opts_absent to remove options from the existing set. |
Examples
- name: Set the options explicitly a device which must already exist community.general.crypttab: name: luks-home state: present opts: discard,cipher=aes-cbc-essiv:sha256 - name: Add the 'discard' option to any existing options for all devices community.general.crypttab: name: '{{ item.device }}' state: opts_present opts: discard loop: '{{ ansible_mounts }}' when: "'/dev/mapper/luks-' in {{ item.device }}"
Authors
- Steve (@groks)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/general/crypttab_module.html