crypttab - Encrypted Linux block devices
New in version 1.9.
Synopsis
Control Linux encrypted block devices that are set up during system boot in /etc/crypttab.
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| backing_device |
no | Path to the underlying block device or file, or the UUID of a block-device prefixed with UUID= | ||
| name |
yes | Name of the encrypted block device as it appears in the /etc/crypttab file, or optionaly prefixed with /dev/mapper/, as it appears in the filesystem. /dev/mapper/ will be stripped from name. | ||
| opts |
no | A comma-delimited list of options. See crypttab(5 ) for details. | ||
| password |
no | none | Encryption password, the path to a file containing the pasword, or 'none' or '-' if the password should be entered at boot. | |
| path |
no | /etc/crypttab | Path to file to use instead of /etc/crypttab. This might be useful in a chroot environment. | |
| state |
yes |
|
Use present to add a line to /etc/crypttab or update it's definition if already present. Use absent to remove a line with matching name. Use opts_present to add options to those already present; options with different values will be updated. Use opts_absent to remove options from the existing set. |
Examples
- name: Set the options explicitly a deivce which must already exist crypttab: name=luks-home state=present opts=discard,cipher=aes-cbc-essiv:sha256 - name: Add the 'discard' option to any existing options for all devices crypttab: name={{ item.device }} state=opts_present opts=discard with_items: ansible_mounts when: '/dev/mapper/luks-' in {{ item.device }}
This is an Extras Module
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.