# ---------------------------------------------------------------------------- #
## \author Sebastien Beaugrand
## \sa http://beaugrand.chez.com/
## \copyright CeCILL 2.1 Free Software license
## \note Source:
##       https://github.com/
##       make-github-pseudonymous-again/blog/blob/master/content/post/
##       2018-05-24-automatically-mount-luks-encrypted-device-with-systemd.md
##
##       Usage example :
##       https://github.com/sbeaugrand/debinst/tree/master/cicd/hosts/localhost
# ---------------------------------------------------------------------------- #
---
- name: "{{ mnt }}.mount"
  blockinfile:
    path: /etc/systemd/system/{{ mnt }}.mount
    create: yes
    block: |
      [Unit]
      Conflicts=umount.target
      Before=umount.target
      BindsTo={{ mnt }}.service
      After={{ mnt }}.service dev-mapper-{{ mnt }}.device

      [Mount]
      What=/dev/mapper/{{ mnt }}
      Where=/{{ mnt }}
      Type=ext4
      Options=defaults,rw,x-systemd.automount,relatime

      [Install]
      WantedBy=multi-user.target
  become: yes

- name: "{{ mnt }}.service"
  blockinfile:
    path: /etc/systemd/system/{{ mnt }}.service
    create: yes
    block: |
      [Unit]
      BindsTo={{ mnt }}.mount
      Requires=dev-{{ dev }}.device
      After=dev-{{ dev }}.device
      DefaultDependencies=no

      [Service]
      Type=oneshot
      RemainAfterExit=yes
      ExecStart=cryptsetup open -d /root/luksKey /dev/{{ dev }} {{ mnt }}
      ExecStop=cryptsetup close {{ mnt }}

      [Install]
      RequiredBy={{ mnt }}.mount
  become: yes