# ---------------------------------------------------------------------------- #
## \author Sebastien Beaugrand
## \sa http://beaugrand.chez.com/
## \copyright CeCILL 2.1 Free Software license
## \note Source:
## https://github.com/
## make-github-pseudonymous-again/blog/blob/master/content/post/
## 2018-05-24-automatically-mount-luks-encrypted-device-with-systemd.md
##
## Usage example :
## https://github.com/sbeaugrand/debinst/tree/master/cicd/hosts/localhost
# ---------------------------------------------------------------------------- #
---
- name: "{{ mnt }}.mount"
blockinfile:
path: /etc/systemd/system/{{ mnt }}.mount
create: yes
block: |
[Unit]
Conflicts=umount.target
Before=umount.target
BindsTo={{ mnt }}.service
After={{ mnt }}.service dev-mapper-{{ mnt }}.device
[Mount]
What=/dev/mapper/{{ mnt }}
Where=/{{ mnt }}
Type=ext4
Options=defaults,rw,x-systemd.automount,relatime
[Install]
WantedBy=multi-user.target
become: yes
- name: "{{ mnt }}.service"
blockinfile:
path: /etc/systemd/system/{{ mnt }}.service
create: yes
block: |
[Unit]
BindsTo={{ mnt }}.mount
Requires=dev-{{ dev }}.device
After=dev-{{ dev }}.device
DefaultDependencies=no
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=cryptsetup open -d /root/luksKey /dev/{{ dev }} {{ mnt }}
ExecStop=cryptsetup close {{ mnt }}
[Install]
RequiredBy={{ mnt }}.mount
become: yes