current state from 2015-11-29

před 7 roky · b0ef055542
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
 *~
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,58 @@
 ---

 - name: shred device
  command:
    shred
    --iterations=1
    {{ item.device }}
  when: item.wipe is defined and item.wipe
  with_items: "{{ dmcrypt_devices }}"

 - name: ramdisk
  mount:
    src: ram
    fstype: ramfs
    name: /ram
    state: mounted

 - name: keyfile directory
  file:
    path: /ram/dmcrypt_devices/
    owner: root
    group: root
    mode: 0700
    state: directory

 - name: keyfile
  copy:
    content: "{{ item.key }}"
    dest: /ram/dmcrypt_devices/{{ item.name }}
  with_items: "{{ dmcrypt_devices }}"

 - name: luksFormat
  command:
    cryptsetup luksFormat
    --cipher {{ item.cipher }}
    --hash {{ item.hash }}
    --key-size {{ item.key_size }}
    {{ item.device }}
    /ram/dmcrypt_devices/{{ item.name }}
  with_items: "{{ dmcrypt_devices }}"

 - name: luksOpen
  command:
    cryptsetup luksOpen
    --key-file=/ram/dmcrypt_devices/{{ item.name }}
    {{ item.device }}
    {{ item.name }}
  with_items: "{{ dmcrypt_devices }}"

 - name: wipe keyfile
  command: shred /ram/dmcrypt_devices/{{ item.name }}
  with_items: "{{ dmcrypt_devices }}"

 - name: remove keyfile
  file:
    path: /ram/dmcrypt_devices/{{ item.name }}
    state: absent
  with_items: "{{ dmcrypt_devices }}"