瀏覽代碼

functional purge role

master
父節點
當前提交
86d632e80f
共有 8 個檔案被更改,包括 116 行新增0 行删除
  1. +1
    -0
      LICENSE
  2. +26
    -0
      PURGE-COMMANDS
  3. +22
    -0
      README.md
  4. +2
    -0
      defaults/main.yaml
  5. +19
    -0
      tasks/clean-target.yaml
  6. +3
    -0
      tasks/deactivate-lvm.yaml
  7. +42
    -0
      tasks/main.yaml
  8. +1
    -0
      vars/main.yaml

+ 1
- 0
LICENSE 查看文件

@@ -0,0 +1 @@
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 26
- 0
PURGE-COMMANDS 查看文件

@@ -0,0 +1,26 @@
# DESTROYS EVERYTHING!
# DO NOT USE IF YOU DON'T KNOW WHAT YOU ARE DOING!
# ONLY USE ON FRESH AND NON-PRODUCTIVE SYSTEMS
kill -KILL `lsof -t /target`
umount /target/boot/* /target/* /target
wipefs --all /dev/dm-*
vgchange -an
pvremove -ff -y /dev/md*
vgchange -an
wipefs --all /dev/md*
mdadm --stop /dev/md*
mdadm --zero-superblock /dev/sd*
mdadm --zero-superblock /dev/nvme*
mdadm --stop /dev/md*
vgchange -an
pvremove -ff -y /dev/sd*
pvremove -ff -y /dev/nvme*
vgchange -an
wipefs --all /dev/sd*
wipefs --all /dev/sd*
wipefs --all /dev/nvme*
wipefs --all /dev/nvme*
blkdiscard /dev/nvme0n1
blkdiscard /dev/nvme1n1
#blkdiscard /dev/sda & blkdiscard /dev/sdb &
#dd if=/dev/zero of=/dev/sdc bs=1G count=40 & dd if=/dev/zero of=/dev/sdd bs=1G count=40 &

+ 22
- 0
README.md 查看文件

@@ -1,2 +1,24 @@
# ansible-role-purge_hard_disks

This role PURGES your HARDDISKS. Do not

It only runs if you set `REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING` to true. Do not set it fixed in your code but use vars_prompt in your playbook to let the user confirm the usage

```
vars_prompt:
- name: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING
prompt: |
You are about to PURGE your HARDDISKS which will DESTROY EVERYTHING on your HARDDISKS!!!
All your FILESYSTEMS, PARTITION TABLES, SOFTWARE RAID, LOGICAL VOLUME GROUPS are going to be erased!
All Data on you BLOCK DEVICES is going to get overwritten!

This will affect the targeted hosts:

{{ansible_play_hosts| join("
")}}

Do you REALLY want to PURGE your HARDDISKS which will DESTROY EVERYTHING on your HARDDISKS? Do you know what you are doing?
private: no
```

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

+ 2
- 0
defaults/main.yaml 查看文件

@@ -0,0 +1,2 @@
---
REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING: false

+ 19
- 0
tasks/clean-target.yaml 查看文件

@@ -0,0 +1,19 @@
---

- name: get processes using /target
command: lsof -t {{item}}
register: get_target_processes
loop: "{{ remaining_target_mounts }}"
failed_when: false
changed_when: false

- name: kill every process still running in /target
command: kill -KILL {{item}}
loop: "{{ get_target_processes | json_query(\"results[].stdout_lines|[]\") | unique }}"
failed_when: false

- name: unmount /target filesystems
mount:
path: "{{item}}"
state: unmounted
loop: "{{ remaining_target_mounts }}"

+ 3
- 0
tasks/deactivate-lvm.yaml 查看文件

@@ -0,0 +1,3 @@
---
- name: disable all volume groups
command: vgchange -an

+ 42
- 0
tasks/main.yaml 查看文件

@@ -0,0 +1,42 @@
---

- name: assert that the user has confirmed the purge
assert:
that: "{{REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool}}"

- name: ensure required debian packages are present
apt:
pkg:
- util-linux
- lsof

- block:
- import_tasks: clean-target.yaml
- import_tasks: deactivate-lvm.yaml
when: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool

- name: purge hard disks
shell: |
wipefs --all /dev/dm-*
vgchange -an
pvremove -ff -y /dev/md*
vgchange -an
wipefs --all /dev/md*
mdadm --stop /dev/md*
mdadm --zero-superblock /dev/sd*
mdadm --zero-superblock /dev/nvme*
mdadm --stop /dev/md*
vgchange -an
pvremove -ff -y /dev/sd*
pvremove -ff -y /dev/nvme*
vgchange -an
wipefs --all /dev/sd*
wipefs --all /dev/sd*
wipefs --all /dev/nvme*
wipefs --all /dev/nvme*
blkdiscard /dev/nvme0n1
blkdiscard /dev/nvme1n1
args:
executable: /bin/bash
failed_when: false
when: REALLY_PURGE_HARDDISKS_WHICH_WILL_DESTROY_EVERYTHING_ON_YOUR_HARDDISKS_I_KNOW_WHAT_I_AM_DOING|bool

+ 1
- 0
vars/main.yaml 查看文件

@@ -0,0 +1 @@
remaining_target_mounts: "{{ansible_facts.mounts|json_query(\"[?starts_with(mount,'/target')].mount\")|sort(reverse=true)}}"

Loading…
取消
儲存