current

7 年前 · 1e5fc618cf
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -10,7 +10,15 @@
  with_items:
    - cryptsetup
  when: ansible_os_family == "Debian"
  

 - name: close
  command:
    cryptsetup close
    {{ item.name }}
  with_items: "{{ dmcrypt_devices }}"
  when:
    dmcrypt_devices_state == "closed"

 - name: ramdisk
  mount:
    src: ram
@@ -34,33 +42,23 @@
    dmcrypt_devices_state == "wiped" or
    dmcrypt_devices_state == "opened"

 - name: keyfile
  copy:
    content: "{{ item.key | default( lookup('pipe','pass show '+dmcrypt_key_pass_folder+'/'+item.name) ) }}"
    dest: /ram/dmcrypt_devices/{{ item.name }}
 - name: shred device
  command: shred --iterations={{ dmcrypt_devices_shred_iterations }} {{ item.device }}
  with_items: "{{ dmcrypt_devices }}"
  when:
    dmcrypt_devices_state == "formated" or
    dmcrypt_devices_state == "wiped" or
    dmcrypt_devices_state == "opened"
    dmcrypt_devices_state == "erased"

 - name: close
  command:
    cryptsetup close
    {{ item.name }}
  with_items: "{{ dmcrypt_devices }}"
  when:
    #dmcrypt_devices_state == "formated" or
    #dmcrypt_devices_state == "wiped" or
    #dmcrypt_devices_state == "erased" or
    dmcrypt_devices_state == "closed"

 - name: shred device
  command: shred --iterations={{ dmcrypt_devices_shred_iterations }} {{ item.device }}
 - name: keyfile
  copy:
    content: "{{ item.key }}"
    dest: /ram/dmcrypt_devices/{{ item.name }}
  with_items: "{{ dmcrypt_devices }}"
  when:
    dmcrypt_devices_state == "formated" or
    dmcrypt_devices_state == "wiped" or
    dmcrypt_devices_state == "erased"
    dmcrypt_devices_state == "opened"

 - name: luksFormat
  command:
@@ -79,6 +77,7 @@
  command:
    cryptsetup open --type luks
    --key-file=/ram/dmcrypt_devices/{{ item.name }}
    {{ item.discard | default(false) | ternary('--allow-discards','') }}
    {{ item.device }}
    {{ item.name }}
  with_items: "{{ dmcrypt_devices }}"