community.general.crypttab module – Encrypted Linux block devices
Note
This module is part of the community.general collection (version 9.3.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.crypttab
.
Synopsis
Control Linux encrypted block devices that are set up during system boot in
/etc/crypttab
.
Parameters
Parameter |
Comments |
---|---|
Path to the underlying block device or file, or the UUID of a block-device prefixed with |
|
Name of the encrypted block device as it appears in the |
|
A comma-delimited list of options. See |
|
Encryption password, the path to a file containing the password, or |
|
Path to file to use instead of This might be useful in a chroot environment. Default: |
|
Use Use Use Use Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Examples
- name: Set the options explicitly a device which must already exist
community.general.crypttab:
name: luks-home
state: present
opts: discard,cipher=aes-cbc-essiv:sha256
- name: Add the 'discard' option to any existing options for all devices
community.general.crypttab:
name: '{{ item.device }}'
state: opts_present
opts: discard
loop: '{{ ansible_mounts }}'
when: "'/dev/mapper/luks-' in {{ item.device }}"