]> git.somenet.org - root/pub/somesible.git/blob - roles/base/cryptsetup-helper/tasks/main.yml
SomeNet / public repos / root / pub / somesible.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[roles/base/cryptsetup-helper] setup cryptsetup helpers
[root/pub/somesible.git] / roles / base / cryptsetup-helper / tasks / main.yml
1 #####################################
2 ### someone's ansible provisioner ###
3 #####################################
4 # Part of: https://git.somenet.org/root/pub/somesible.git
5 # 2017-2024 by someone <someone@somenet.org>
6 #
7 # cryptsetup-helper
8 #
9 ---
10 - name: install cryptsetup tools
11   apt:
12     pkg:
13     - cryptsetup-bin
14     - cryptsetup-initramfs
15     - cryptsetup-run
16     state: present
17     policy_rc_d: 101
18   when: cryptsetup_devices is defined
19   tags: "online"
20   ignore_errors: "{{ignore_online_errors | bool}}"
21
22
23 - name: silence systemd for all crypt devices
24   copy:
25     src: "systemd-cryptsetup@DEVICE.service"
26     dest: "/etc/systemd/system/systemd-cryptsetup@{{item}}.service"
27     mode: 0644
28     owner: "root"
29     group: "root"
30   with_items:
31     - "{{cryptsetup_devices}}"
32   when: cryptsetup_devices is defined
33
34
35 - name: copy cryptroot-initrd script with askpass fallback
36   copy:
37     src: "cryptroot"
38     dest: "/etc/initramfs-tools/scripts/local-top/cryptroot"
39     mode: 0755
40     owner: "root"
41     group: "root"
42   when: cryptsetup_devices is defined
43   notify: update-initramfs