diff --git a/roles/partitioning/defaults/main.yml b/roles/partitioning/defaults/main.yml index 637706c..4be6cc4 100644 --- a/roles/partitioning/defaults/main.yml +++ b/roles/partitioning/defaults/main.yml @@ -6,6 +6,7 @@ partitioning_efi_size_mib: 512 partitioning_efi_start_mib: 1 partitioning_efi_end_mib: "{{ (partitioning_efi_start_mib | int) + (partitioning_efi_size_mib | int) }}" partitioning_boot_size_mib: 1024 +partitioning_vg_name: sys partitioning_use_full_disk: true partitioning_separate_boot: >- {{ diff --git a/roles/partitioning/tasks/ext4.yml b/roles/partitioning/tasks/ext4.yml index ca51fde..6cd568d 100644 --- a/roles/partitioning/tasks/ext4.yml +++ b/roles/partitioning/tasks/ext4.yml @@ -2,7 +2,7 @@ - name: Create and format ext4 logical volumes when: system_cfg.features.cis.enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit'] community.general.filesystem: - dev: /dev/sys/{{ item.lv }} + dev: /dev/{{ partitioning_vg_name }}/{{ item.lv }} fstype: ext4 force: true loop: @@ -16,7 +16,7 @@ when: > (os in ['almalinux', 'rocky', 'rhel'] or (os == 'debian' and (os_version | string) == '11')) and (system_cfg.features.cis.enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']) - ansible.builtin.command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}" + ansible.builtin.command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/{{ partitioning_vg_name }}/{{ item.lv }}" loop: - { lv: root } - { lv: home } diff --git a/roles/partitioning/tasks/main.yml b/roles/partitioning/tasks/main.yml index 44a308d..0cf73b5 100644 --- a/roles/partitioning/tasks/main.yml +++ b/roles/partitioning/tasks/main.yml @@ -65,7 +65,7 @@ - name: Remove LVM volume group community.general.lvg: - vg: sys + vg: "{{ partitioning_vg_name }}" state: absent force: true failed_when: false @@ -251,7 +251,7 @@ block: - name: Create LVM volume group community.general.lvg: - vg: sys + vg: "{{ partitioning_vg_name }}" pvs: "{{ partitioning_root_device }}" - name: Create LVM logical volumes @@ -311,7 +311,6 @@ ( (partitioning_disk_size_gb | float) - (partitioning_reserved_gb | float) - # CIS partitioning overhead (GB): /home, /var, /var/log, /var/log/audit - (system_cfg.features.cis.enabled | ternary(7.5, 0)) - partitioning_lvm_extent_reserve_gb - 4 @@ -391,7 +390,7 @@ else partitioning_lvm_root_default_gb }} community.general.lvol: - vg: sys + vg: "{{ partitioning_vg_name }}" lv: "{{ item.lv }}" size: "{{ item.size }}" state: present @@ -440,7 +439,7 @@ - system_cfg.features.swap.enabled | bool community.general.filesystem: fstype: swap - dev: /dev/sys/swap + dev: /dev/{{ partitioning_vg_name }}/swap - name: Create filesystem ansible.builtin.include_tasks: "{{ system_cfg.filesystem }}.yml" @@ -464,7 +463,7 @@ - name: Get UUID for LVM root filesystem when: system_cfg.filesystem != 'btrfs' - ansible.builtin.command: blkid -s UUID -o value /dev/sys/root + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/root register: partitioning_uuid_root_result changed_when: false @@ -472,7 +471,7 @@ when: - system_cfg.filesystem != 'btrfs' - system_cfg.features.swap.enabled | bool - ansible.builtin.command: blkid -s UUID -o value /dev/sys/swap + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/swap register: partitioning_uuid_swap_result changed_when: false @@ -480,7 +479,7 @@ when: - system_cfg.filesystem != 'btrfs' - system_cfg.features.cis.enabled - ansible.builtin.command: blkid -s UUID -o value /dev/sys/home + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/home register: partitioning_uuid_home_result changed_when: false @@ -488,7 +487,7 @@ when: - system_cfg.filesystem != 'btrfs' - system_cfg.features.cis.enabled - ansible.builtin.command: blkid -s UUID -o value /dev/sys/var + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/var register: partitioning_uuid_var_result changed_when: false @@ -496,7 +495,7 @@ when: - system_cfg.filesystem != 'btrfs' - system_cfg.features.cis.enabled - ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/var_log register: partitioning_uuid_var_log_result changed_when: false @@ -504,7 +503,7 @@ when: - system_cfg.filesystem != 'btrfs' - system_cfg.features.cis.enabled - ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log_audit + ansible.builtin.command: blkid -s UUID -o value /dev/{{ partitioning_vg_name }}/var_log_audit register: partitioning_uuid_var_log_audit_result changed_when: false diff --git a/roles/partitioning/tasks/xfs.yml b/roles/partitioning/tasks/xfs.yml index 13d0f5e..e315251 100644 --- a/roles/partitioning/tasks/xfs.yml +++ b/roles/partitioning/tasks/xfs.yml @@ -2,7 +2,7 @@ - name: Create and format XFS logical volumes when: system_cfg.features.cis.enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit'] community.general.filesystem: - dev: /dev/sys/{{ item.lv }} + dev: /dev/{{ partitioning_vg_name }}/{{ item.lv }} fstype: xfs opts: "{{ '-m bigtime=0 -i nrext64=0,exchange=0 -n parent=0' if is_rhel | bool else omit }}" force: true