New in version 1.9.
/etc/crypttab.| parameter | required | default | choices | comments |
|---|---|---|---|---|
| backing_device |
no |
Path to the underlying block device or file, or the UUID of a block-device prefixed with UUID=
|
||
| name |
yes |
Name of the encrypted block device as it appears in the
/etc/crypttab file, or optionally prefixed with /dev/mapper/, as it appears in the filesystem. /dev/mapper/ will be stripped from name. |
||
| opts |
no |
A comma-delimited list of options. See
crypttab(5 ) for details. |
||
| password |
no | none |
Encryption password, the path to a file containing the password, or 'none' or '-' if the password should be entered at boot.
|
|
| path |
no | /etc/crypttab |
Path to file to use instead of
/etc/crypttab. This might be useful in a chroot environment. |
|
| state |
yes |
|
Use present to add a line to
/etc/crypttab or update it's definition if already present. Use absent to remove a line with matching name. Use opts_present to add options to those already present; options with different values will be updated. Use opts_absent to remove options from the existing set. |
# Since column is a special character in YAML, if your string contains a column, it's better to use quotes around the string - name: Set the options explicitly a device which must already exist crypttab: name: luks-home state: present opts: 'discard,cipher=aes-cbc-essiv:sha256' - name: Add the 'discard' option to any existing options for all devices crypttab: name: '{{ item.device }}' state: opts_present opts: discard with_items: '{{ ansible_mounts }}' when: "'/dev/mapper/luks-' in {{ item.device }}"
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.