You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.2 KiB
48 lines
1.2 KiB
3 years ago
|
---
|
||
|
|
- name: Generate fstab.
|
||
|
|
include_role:
|
||
|
|
name: genfstab
|
||
|
|
vars:
|
||
|
|
chroot: "{{ root_mount }}"
|
||
|
|
|
||
|
|
- name: Check if btrfs-progs is installed.
|
||
|
|
command: arch-chroot {{ root_mount }}
|
||
|
|
pacman -Qk btrfs-progs
|
||
|
|
register: result
|
||
|
|
failed_when: false
|
||
|
|
changed_when: false
|
||
|
|
|
||
|
|
- name: Install btrfs-progs.
|
||
|
|
command: arch-chroot {{ root_mount }}
|
||
|
|
pacman -Sy btrfs-progs --noconfirm
|
||
|
|
when: result.rc != 0
|
||
|
|
|
||
|
|
- name: Create crypto keyfile.
|
||
|
|
shell:
|
||
|
|
# yamllint disable rule:line-length
|
||
|
|
cmd: |
|
||
|
|
set -e -o pipefail
|
||
|
|
dd bs=512 count=8 if=/dev/urandom of={{ root_mount }}/crypto_keyfile.bin
|
||
|
|
echo {{ disk_egbl_luks_password }} | cryptsetup luksAddKey {{ disk_egbl_luks_device_node }} {{ root_mount }}/crypto_keyfile.bin
|
||
|
|
# yamllint enable rule:line-length
|
||
|
|
creates: "{{ root_mount }}/crypto_keyfile.bin"
|
||
|
|
|
||
|
|
- name: Set proper permissions on crypto keyfile.
|
||
|
|
file:
|
||
|
|
path: "{{ root_mount }}/crypto_keyfile.bin"
|
||
|
|
mode: 0000
|
||
|
|
|
||
|
|
- name: Configure mkinitcpio.
|
||
|
|
mkinitcpio:
|
||
|
|
state: present
|
||
|
|
path: "{{ root_mount }}/etc/mkinitcpio.conf"
|
||
|
|
binaries: /usr/bin/btrfs
|
||
|
|
files: /crypto_keyfile.bin
|
||
|
|
hooks:
|
||
|
|
- encrypt
|
||
|
|
- btrfs
|
||
|
|
|
||
|
|
- name: Run mkinitcpio.
|
||
|
|
command: arch-chroot {{ root_mount }} mkinitcpio -P
|
||
|
|
changed_when: true
|