sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove defaults for required vars

Browse Source
This commit is contained in:
Sandwich
2025-12-28 17:10:00 +01:00
parent fd37b4ee96
commit 98d0a4954d
19 changed files with 136 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
roles/partitioning/tasks/main.yml
View File

@@ -2,7 +2,7 @@
- name: Detect system memory for swap sizing
when:
- (partitioning_vm_memory | float) <= 0
- (vm_memory | float) <= 0
- vm_memory is not defined or (vm_memory | float) <= 0
block:
- name: Read system memory
ansible.builtin.command: awk '/MemTotal/ {print int($2/1024)}' /proc/meminfo
@@ -18,7 +18,7 @@
when:
- install_type == "physical"
- (partitioning_vm_size | float) <= 0
- (vm_size | float) <= 0
- vm_size is not defined or (vm_size | float) <= 0
- install_drive | length > 0
block:
- name: Detect install drive size
@@ -157,7 +157,14 @@
when: partitioning_luks_enabled | bool
vars:
partitioning_luks_passphrase_effective: >-
{{ partitioning_luks_passphrase | string }}
{{
(
partitioning_luks_passphrase
if partitioning_luks_passphrase is defined
else (luks_passphrase if luks_passphrase is defined else '')
)
| string
}}
block:
- name: Validate LUKS passphrase
ansible.builtin.assert:
@@ -257,7 +264,7 @@
pvs: "{{ partitioning_root_device }}"
- name: Create LVM logical volumes
when: cis | bool or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']
when: cis_enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']
community.general.lvol:
vg: sys
lv: "{{ item.lv }}"
@@ -266,24 +273,24 @@
loop:
- lv: root
size: >-
{{ [(((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis | bool) | ternary(7.5, 0)) - (((partitioning_vm_memory_effective | float / 1024) > 16.0)
{{ [(((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis_enabled) | ternary(7.5, 0)) - (((partitioning_vm_memory_effective | float / 1024) > 16.0)
| ternary(((partitioning_vm_memory_effective | float / 2048) | int), (partitioning_vm_memory_effective | float / 1024)))) < 4)
| ternary(4,((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis | bool) | ternary(7.5, 0)) -
| ternary(4,((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis_enabled) | ternary(7.5, 0)) -
(((partitioning_vm_memory_effective | float / 1024) > 16.0)
| ternary(
((partitioning_vm_memory_effective | float / 2048) | int),
(partitioning_vm_memory_effective | float / 1024)
)))
> 12)
| ternary(((partitioning_vm_size_effective | float) * 0.4) | round(0, 'ceil'),((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis | bool)
| ternary(((partitioning_vm_size_effective | float) * 0.4) | round(0, 'ceil'),((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis_enabled)
| ternary(7.5, 0)) - (((partitioning_vm_memory_effective | float / 1024) > 16.0)
| ternary(((partitioning_vm_memory_effective | float / 2048) | int), (partitioning_vm_memory_effective | float / 1024))))))))), 4 ] | max | string +
'G' }}
- lv: swap
size: >-
{{ ((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis | bool) | ternary(7.5, 0))) - (((partitioning_vm_memory_effective | float / 1024) > 16.0)
{{ ((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis_enabled) | ternary(7.5, 0))) - (((partitioning_vm_memory_effective | float / 1024) > 16.0)
| ternary(((partitioning_vm_memory_effective | float / 2048) | int), (partitioning_vm_memory_effective | float / 1024)))) < 4)
| ternary((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis | bool) | ternary(7.5, 0))) - 4), (((partitioning_vm_memory_effective | float / 1024)
| ternary((((partitioning_vm_size_effective | float) - (partitioning_reserved_gb | float) - ((cis_enabled) | ternary(7.5, 0))) - 4), (((partitioning_vm_memory_effective | float / 1024)
> 16.0)
| ternary(((partitioning_vm_memory_effective | float / 2048) | int), (partitioning_vm_memory_effective | float / 1024)))) | string + 'G' }}
- lv: home
@@ -346,7 +353,7 @@
changed_when: false
- name: Get UUIDs for LVM filesystems
when: filesystem != 'btrfs' and (cis | bool or item not in ['home', 'var', 'var_log', 'var_log_audit'])
when: filesystem != 'btrfs' and (cis_enabled or item not in ['home', 'var', 'var_log', 'var_log_audit'])
ansible.builtin.command: blkid -s UUID -o value /dev/sys/{{ item }}
loop:
- root
@@ -363,18 +370,18 @@
ansible.builtin.set_fact:
partitioning_uuid_root: "{{ partitioning_uuid_result.results[0].stdout_lines }}"
partitioning_uuid_swap: "{{ partitioning_uuid_result.results[1].stdout_lines }}"
partitioning_uuid_home: "{{ partitioning_uuid_result.results[2].stdout_lines if cis | bool else '' }}"
partitioning_uuid_var: "{{ partitioning_uuid_result.results[3].stdout_lines if cis | bool else '' }}"
partitioning_uuid_var_log: "{{ partitioning_uuid_result.results[4].stdout_lines if cis | bool else '' }}"
partitioning_uuid_var_log_audit: "{{ partitioning_uuid_result.results[5].stdout_lines if cis | bool else '' }}"
partitioning_uuid_home: "{{ partitioning_uuid_result.results[2].stdout_lines if cis_enabled else '' }}"
partitioning_uuid_var: "{{ partitioning_uuid_result.results[3].stdout_lines if cis_enabled else '' }}"
partitioning_uuid_var_log: "{{ partitioning_uuid_result.results[4].stdout_lines if cis_enabled else '' }}"
partitioning_uuid_var_log_audit: "{{ partitioning_uuid_result.results[5].stdout_lines if cis_enabled else '' }}"
- name: Mount filesystems
block:
- name: Mount filesystems and subvolumes
when:
- >-
cis | bool or (
not cis and (
cis_enabled or (
not cis_enabled and (
(filesystem == 'btrfs' and item.path in ['/home', '/var/log', '/var/cache/pacman/pkg'])
or (item.path not in ['/home', '/var', '/var/log', '/var/log/audit', '/var/cache/pacman/pkg'])
)