ansible-role-luks/tasks/main.yml

---
- name: install packages
  package:
    name: '{{ packages }}'
  vars:
    packages:
      - cryptsetup
      - util-linux
  register: result
  retries: 3
  delay: 1
  until: result is success
  tags: luks

- name: create luks device
  luks_manage:
    device: '{{ item.device }}'
    cipher: '{{ item.cipher|default("aes-xts-plain") }}'
    size: '{{ item.size|default(256) }}'
    key: '{{ item.key }}'
  loop: '{{ luks_devices }}'
  no_log: true
  tags: luks

- name: decrypt luks device
  luks_decrypt:
    device: '{{ item.device }}'
    name: '{{ item.name }}'
    key: '{{ item.key }}'
  loop: '{{ luks_devices }}'
  no_log: true
  tags: luks

- name: format partition
  filesystem:
    fstype: '{{ item.fstype }}'
    dev: '/dev/mapper/{{ item.name }}'
  loop: '{{ luks_devices }}'
  tags: luks

- name: mount partition
  mount:
    src: '/dev/mapper/{{ item.name }}'
    path: '{{ item.mount_point }}'
    fstype: '{{ item.fstype }}'
    opts: noauto
    state: mounted
  loop: '{{ luks_devices }}'
  tags: luks
first version 2019-03-16 22:51:50 +00:00			`---`
			`- name: install packages`
			`package:`
			`name: '{{ packages }}'`
			`vars:`
			`packages:`
			`- cryptsetup`
			`- util-linux`
			`register: result`
			`retries: 3`
			`delay: 1`
			`until: result is success`
			`tags: luks`

			`- name: create luks device`
			`luks_manage:`
			`device: '{{ item.device }}'`
			`cipher: '{{ item.cipher\|default("aes-xts-plain") }}'`
			`size: '{{ item.size\|default(256) }}'`
			`key: '{{ item.key }}'`
			`loop: '{{ luks_devices }}'`
			`no_log: true`
			`tags: luks`

			`- name: decrypt luks device`
			`luks_decrypt:`
			`device: '{{ item.device }}'`
			`name: '{{ item.name }}'`
			`key: '{{ item.key }}'`
			`loop: '{{ luks_devices }}'`
			`no_log: true`
			`tags: luks`

			`- name: format partition`
			`filesystem:`
			`fstype: '{{ item.fstype }}'`
			`dev: '/dev/mapper/{{ item.name }}'`
			`loop: '{{ luks_devices }}'`
			`tags: luks`

			`- name: mount partition`
			`mount:`
			`src: '/dev/mapper/{{ item.name }}'`
			`path: '{{ item.mount_point }}'`
			`fstype: '{{ item.fstype }}'`
			`opts: noauto`
			`state: mounted`
			`loop: '{{ luks_devices }}'`
			`tags: luks`