ansible-role-luks/tasks/main.yml

---
- name: install packages
  ansible.builtin.package:
    name:
      - cryptsetup
      - util-linux
  register: result
  retries: 3
  delay: 1
  until: result is success
  tags: luks

- name: create luks device
  luks_manage:
    device: '{{ item.device }}'
    cipher: '{{ item.cipher|default("aes-xts-plain") }}'
    size: '{{ item.size|default(256) }}'
    key: '{{ item.key }}'
  loop: '{{ luks_devices }}'
  loop_control:
    label: '{{ item.name }} - {{ item.device }}'
  tags: luks

- name: decrypt luks device
  luks_decrypt:
    device: '{{ item.device }}'
    name: '{{ item.name }}'
    key: '{{ item.key }}'
  loop: '{{ luks_devices }}'
  loop_control:
    label: '{{ item.name }} - {{ item.device }}'
  tags: luks

- name: format partition
  ansible.builtin.filesystem:
    fstype: '{{ item.fstype }}'
    dev: '/dev/mapper/{{ item.name }}'
  loop: '{{ luks_devices }}'
  loop_control:
    label: '{{ item.name }} - {{ item.device }}'
  tags: luks

- name: mount partition
  ansible.builtin.mount:
    src: '/dev/mapper/{{ item.name }}'
    path: '{{ item.mount_point }}'
    fstype: '{{ item.fstype }}'
    opts: noauto
    state: mounted
  loop: '{{ luks_devices }}'
  loop_control:
    label: '{{ item.name }} - {{ item.device }}'
  tags: luks
first version 2019-03-16 22:51:50 +00:00			`---`
			`- name: install packages`
chore: use FQCN module name 2021-09-12 22:05:09 +00:00			`ansible.builtin.package:`
			`name:`
first version 2019-03-16 22:51:50 +00:00			`- cryptsetup`
			`- util-linux`
			`register: result`
			`retries: 3`
			`delay: 1`
			`until: result is success`
			`tags: luks`

			`- name: create luks device`
			`luks_manage:`
			`device: '{{ item.device }}'`
			`cipher: '{{ item.cipher\|default("aes-xts-plain") }}'`
			`size: '{{ item.size\|default(256) }}'`
			`key: '{{ item.key }}'`
			`loop: '{{ luks_devices }}'`
chore: remove no_log on task file 2021-09-12 22:13:15 +00:00			`loop_control:`
			`label: '{{ item.name }} - {{ item.device }}'`
first version 2019-03-16 22:51:50 +00:00			`tags: luks`

			`- name: decrypt luks device`
			`luks_decrypt:`
			`device: '{{ item.device }}'`
			`name: '{{ item.name }}'`
			`key: '{{ item.key }}'`
			`loop: '{{ luks_devices }}'`
chore: remove no_log on task file 2021-09-12 22:13:15 +00:00			`loop_control:`
			`label: '{{ item.name }} - {{ item.device }}'`
first version 2019-03-16 22:51:50 +00:00			`tags: luks`

			`- name: format partition`
chore: use FQCN module name 2021-09-12 22:05:09 +00:00			`ansible.builtin.filesystem:`
first version 2019-03-16 22:51:50 +00:00			`fstype: '{{ item.fstype }}'`
			`dev: '/dev/mapper/{{ item.name }}'`
			`loop: '{{ luks_devices }}'`
chore: remove no_log on task file 2021-09-12 22:13:15 +00:00			`loop_control:`
			`label: '{{ item.name }} - {{ item.device }}'`
first version 2019-03-16 22:51:50 +00:00			`tags: luks`

			`- name: mount partition`
chore: use FQCN module name 2021-09-12 22:05:09 +00:00			`ansible.builtin.mount:`
first version 2019-03-16 22:51:50 +00:00			`src: '/dev/mapper/{{ item.name }}'`
			`path: '{{ item.mount_point }}'`
			`fstype: '{{ item.fstype }}'`
			`opts: noauto`
			`state: mounted`
			`loop: '{{ luks_devices }}'`
chore: remove no_log on task file 2021-09-12 22:13:15 +00:00			`loop_control:`
			`label: '{{ item.name }} - {{ item.device }}'`
first version 2019-03-16 22:51:50 +00:00			`tags: luks`