Quellcode durchsuchen

functional purge role

master
Ursprung
Commit
86d632e80f
8 geänderte Dateien mit 116 neuen und 0 gelöschten Zeilen
  1. +1
    -0
      LICENSE
  2. +26
    -0
      PURGE-COMMANDS
  3. +22
    -0
      README.md
  4. +2
    -0
      defaults/main.yaml
  5. +19
    -0
      tasks/clean-target.yaml
  6. +3
    -0
      tasks/deactivate-lvm.yaml
  7. +42
    -0
      tasks/main.yaml
  8. +1
    -0
      vars/main.yaml

+ 1
- 0
LICENSE Datei anzeigen

@@ -0,0 +1 @@
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 26
- 0
PURGE-COMMANDS Datei anzeigen

@@ -0,0 +1,26 @@
# DESTROYS EVERYTHING!
# DO NOT USE IF YOU DON'T KNOW WHAT YOU ARE DOING!
# ONLY USE ON FRESH AND NON-PRODUCTIVE SYSTEMS
kill -KILL `lsof -t /target`
umount /target/boot/* /target/* /target
wipefs --all /dev/dm-*
vgchange -an
pvremove -ff -y /dev/md*
vgchange -an
wipefs --all /dev/md*
mdadm --stop /dev/md*
mdadm --zero-superblock /dev/sd*
mdadm --zero-superblock /dev/nvme*
mdadm --stop /dev/md*
vgchange -an
pvremove -ff -y /dev/sd*
pvremove -ff -y /dev/nvme*
vgchange -an
wipefs --all /dev/sd*
wipefs --all /dev/sd*
wipefs --all /dev/nvme*
wipefs --all /dev/nvme*
blkdiscard /dev/nvme0n1
blkdiscard /dev/nvme1n1
#blkdiscard /dev/sda & blkdiscard /dev/sdb &
#dd if=/dev/zero of=/dev/sdc bs=1G count=40 & dd if=/dev/zero of=/dev/sdd bs=1G count=40 &

+ 22
- 0
README.md Datei anzeigen

@@ -1,2 +1,24 @@
# ansible-role-purge_hard_disks

This role PURGES your HARDDISKS. Do not

It only runs if you set `REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING` to true. Do not set it fixed in your code but use vars_prompt in your playbook to let the user confirm the usage

```
vars_prompt:
- name: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING
prompt: |
You are about to PURGE your HARDDISKS which will DESTROY EVERYTHING on your HARDDISKS!!!
All your FILESYSTEMS, PARTITION TABLES, SOFTWARE RAID, LOGICAL VOLUME GROUPS are going to be erased!
All Data on you BLOCK DEVICES is going to get overwritten!

This will affect the targeted hosts:

{{ansible_play_hosts| join("
")}}

Do you REALLY want to PURGE your HARDDISKS which will DESTROY EVERYTHING on your HARDDISKS? Do you know what you are doing?
private: no
```

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 2
- 0
defaults/main.yaml Datei anzeigen

@@ -0,0 +1,2 @@
---
REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING: false

+ 19
- 0
tasks/clean-target.yaml Datei anzeigen

@@ -0,0 +1,19 @@
---

- name: get processes using /target
command: lsof -t {{item}}
register: get_target_processes
loop: "{{ remaining_target_mounts }}"
failed_when: false
changed_when: false

- name: kill every process still running in /target
command: kill -KILL {{item}}
loop: "{{ get_target_processes | json_query(\"results[].stdout_lines|[]\") | unique }}"
failed_when: false

- name: unmount /target filesystems
mount:
path: "{{item}}"
state: unmounted
loop: "{{ remaining_target_mounts }}"

+ 3
- 0
tasks/deactivate-lvm.yaml Datei anzeigen

@@ -0,0 +1,3 @@
---
- name: disable all volume groups
command: vgchange -an

+ 42
- 0
tasks/main.yaml Datei anzeigen

@@ -0,0 +1,42 @@
---

- name: assert that the user has confirmed the purge
assert:
that: "{{REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool}}"

- name: ensure required debian packages are present
apt:
pkg:
- util-linux
- lsof

- block:
- import_tasks: clean-target.yaml
- import_tasks: deactivate-lvm.yaml
when: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool

- name: purge hard disks
shell: |
wipefs --all /dev/dm-*
vgchange -an
pvremove -ff -y /dev/md*
vgchange -an
wipefs --all /dev/md*
mdadm --stop /dev/md*
mdadm --zero-superblock /dev/sd*
mdadm --zero-superblock /dev/nvme*
mdadm --stop /dev/md*
vgchange -an
pvremove -ff -y /dev/sd*
pvremove -ff -y /dev/nvme*
vgchange -an
wipefs --all /dev/sd*
wipefs --all /dev/sd*
wipefs --all /dev/nvme*
wipefs --all /dev/nvme*
blkdiscard /dev/nvme0n1
blkdiscard /dev/nvme1n1
args:
executable: /bin/bash
failed_when: false
when: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool

+ 1
- 0
vars/main.yaml Datei anzeigen

@@ -0,0 +1 @@
remaining_target_mounts: "{{ansible_facts.mounts|json_query(\"[?starts_with(mount,'/target')].mount\")|sort(reverse=true)}}"

Laden…
Abbrechen
Speichern