sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add swap_enabled toggle for swap setup

Browse Source
This commit is contained in:
Sandwich
2026-01-02 18:51:27 +01:00
parent 2891de8fef
commit ce972e55dd
5 changed files with 146 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/configuration/tasks/extras.yml
View File

@@ -26,7 +26,9 @@
mode: "0644" mode: "0644"
- name: Create zram config - name: Create zram config
when: os | lower not in ['debian11', 'rhel8'] when:
- os | lower not in ['debian11', 'rhel8']
- swap_enabled | bool
ansible.builtin.copy: ansible.builtin.copy:
dest: /mnt/etc/systemd/zram-generator.conf dest: /mnt/etc/systemd/zram-generator.conf
content: | content: |

9
roles/configuration/tasks/grub.yml
View File

@@ -28,7 +28,14 @@
}} }}
configuration_grub_lvm_args_value: >- configuration_grub_lvm_args_value: >-
{{ {{
['resume=/dev/mapper/sys-swap', 'rd.lvm.lv=sys/root', 'rd.lvm.lv=sys/swap'] (
['rd.lvm.lv=sys/root']
+ (
['rd.lvm.lv=sys/swap', 'resume=/dev/mapper/sys-swap']
if swap_enabled | bool
else []
)
)
if (filesystem | lower) != 'btrfs' if (filesystem | lower) != 'btrfs'
else [] else []
}} }}

1
roles/global_defaults/defaults/main.yml
View File

@@ -6,6 +6,7 @@ selinux: true
vmware_ssh: false vmware_ssh: false
firewalld_enabled: true firewalld_enabled: true
zstd_enabled: true zstd_enabled: true
swap_enabled: true
cis_enabled: "{{ cis | bool }}" cis_enabled: "{{ cis | bool }}"

5
roles/partitioning/tasks/btrfs.yml
View File

@@ -40,7 +40,9 @@
changed_when: false changed_when: false
- name: Make root subvolumes - name: Make root subvolumes
when: cis_enabled or item.subvol not in ['var_log_audit'] when:
- cis_enabled or item.subvol not in ['var_log_audit']
- swap_enabled | bool or item.subvol != 'swap'
ansible.builtin.command: btrfs su cr /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }} ansible.builtin.command: btrfs su cr /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
args: args:
creates: /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }} creates: /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
@@ -63,6 +65,7 @@
changed_when: false changed_when: false
- name: Create a Btrfs swap file - name: Create a Btrfs swap file
when: swap_enabled | bool
ansible.builtin.command: >- ansible.builtin.command: >-
btrfs filesystem mkswapfile --size {{ partitioning_swap_size_gb }}g --uuid clear /mnt/@swap/swapfile btrfs filesystem mkswapfile --size {{ partitioning_swap_size_gb }}g --uuid clear /mnt/@swap/swapfile
args: args:

123
roles/partitioning/tasks/main.yml
View File

@@ -1,6 +1,7 @@
--- ---
- name: Detect system memory for swap sizing - name: Detect system memory for swap sizing
when: when:
- swap_enabled | bool
- partitioning_vm_memory is not defined or (partitioning_vm_memory | float) <= 0 - partitioning_vm_memory is not defined or (partitioning_vm_memory | float) <= 0
- vm_memory is not defined or (vm_memory | float) <= 0 - vm_memory is not defined or (vm_memory | float) <= 0
block: block:
@@ -257,32 +258,47 @@
pvs: "{{ partitioning_root_device }}" pvs: "{{ partitioning_root_device }}"
- name: Create LVM logical volumes - name: Create LVM logical volumes
when: cis_enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit'] when:
- cis_enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']
- swap_enabled | bool or item.lv != 'swap'
vars: vars:
partitioning_lvm_swap_target_gb: >- partitioning_lvm_swap_target_gb: >-
{{ {{
(
[ [
(partitioning_vm_memory_effective | float / 1024), (partitioning_vm_memory_effective | float / 1024),
4 4
] | max | float ] | max | float
)
if swap_enabled | bool
else 0
}} }}
partitioning_lvm_swap_cap_gb: >- partitioning_lvm_swap_cap_gb: >-
{{ {{
(
4 4
+ [ + [
(partitioning_vm_size_effective | float) - 20, (partitioning_vm_size_effective | float) - 20,
0 0
] | max ] | max
)
if swap_enabled | bool
else 0
}} }}
partitioning_lvm_swap_target_effective_gb: >- partitioning_lvm_swap_target_effective_gb: >-
{{ {{
(
[ [
partitioning_lvm_swap_target_gb, partitioning_lvm_swap_target_gb,
partitioning_lvm_swap_cap_gb partitioning_lvm_swap_cap_gb
] | min ] | min
)
if swap_enabled | bool
else 0
}} }}
partitioning_lvm_swap_max_gb: >- partitioning_lvm_swap_max_gb: >-
{{ {{
(
[ [
( (
(partitioning_vm_size_effective | float) (partitioning_vm_size_effective | float)
@@ -292,6 +308,9 @@
), ),
0 0
] | max ] | max
)
if swap_enabled | bool
else 0
}} }}
partitioning_lvm_available_gb: >- partitioning_lvm_available_gb: >-
{{ {{
@@ -328,10 +347,14 @@
}} }}
partitioning_lvm_swap_gb: >- partitioning_lvm_swap_gb: >-
{{ {{
(
[ [
partitioning_lvm_swap_target_effective_gb, partitioning_lvm_swap_target_effective_gb,
partitioning_lvm_swap_max_gb partitioning_lvm_swap_max_gb
] | min | round(2, 'floor') ] | min | round(2, 'floor')
)
if swap_enabled | bool
else 0
}} }}
partitioning_lvm_root_full_gb: >- partitioning_lvm_root_full_gb: >-
{{ {{
@@ -399,7 +422,9 @@
changed_when: partitioning_boot_ext4_tune_result.rc == 0 changed_when: partitioning_boot_ext4_tune_result.rc == 0
- name: Create swap filesystem - name: Create swap filesystem
when: filesystem != 'btrfs' when:
- filesystem != 'btrfs'
- swap_enabled | bool
community.general.filesystem: community.general.filesystem:
fstype: swap fstype: swap
dev: /dev/sys/swap dev: /dev/sys/swap
@@ -424,28 +449,86 @@
register: partitioning_main_uuid register: partitioning_main_uuid
changed_when: false changed_when: false
- name: Get UUIDs for LVM filesystems - name: Get UUID for LVM root filesystem
when: filesystem != 'btrfs' and (cis_enabled or item not in ['home', 'var', 'var_log', 'var_log_audit']) when: filesystem != 'btrfs'
ansible.builtin.command: blkid -s UUID -o value /dev/sys/{{ item }} ansible.builtin.command: blkid -s UUID -o value /dev/sys/root
loop: register: partitioning_uuid_root_result
- root changed_when: false
- swap
- home - name: Get UUID for LVM swap filesystem
- var when:
- var_log - filesystem != 'btrfs'
- var_log_audit - swap_enabled | bool
register: partitioning_uuid_result ansible.builtin.command: blkid -s UUID -o value /dev/sys/swap
register: partitioning_uuid_swap_result
changed_when: false
- name: Get UUID for LVM home filesystem
when:
- filesystem != 'btrfs'
- cis_enabled
ansible.builtin.command: blkid -s UUID -o value /dev/sys/home
register: partitioning_uuid_home_result
changed_when: false
- name: Get UUID for LVM var filesystem
when:
- filesystem != 'btrfs'
- cis_enabled
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var
register: partitioning_uuid_var_result
changed_when: false
- name: Get UUID for LVM var_log filesystem
when:
- filesystem != 'btrfs'
- cis_enabled
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log
register: partitioning_uuid_var_log_result
changed_when: false
- name: Get UUID for LVM var_log_audit filesystem
when:
- filesystem != 'btrfs'
- cis_enabled
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log_audit
register: partitioning_uuid_var_log_audit_result
changed_when: false changed_when: false
- name: Assign UUIDs to Variables - name: Assign UUIDs to Variables
when: filesystem != 'btrfs' when: filesystem != 'btrfs'
ansible.builtin.set_fact: ansible.builtin.set_fact:
partitioning_uuid_root: "{{ partitioning_uuid_result.results[0].stdout_lines }}" partitioning_uuid_root: "{{ partitioning_uuid_root_result.stdout_lines | default([]) }}"
partitioning_uuid_swap: "{{ partitioning_uuid_result.results[1].stdout_lines }}" partitioning_uuid_swap: >-
partitioning_uuid_home: "{{ partitioning_uuid_result.results[2].stdout_lines if cis_enabled else '' }}" {{
partitioning_uuid_var: "{{ partitioning_uuid_result.results[3].stdout_lines if cis_enabled else '' }}" partitioning_uuid_swap_result.stdout_lines | default([])
partitioning_uuid_var_log: "{{ partitioning_uuid_result.results[4].stdout_lines if cis_enabled else '' }}" if swap_enabled | bool
partitioning_uuid_var_log_audit: "{{ partitioning_uuid_result.results[5].stdout_lines if cis_enabled else '' }}" else ''
}}
partitioning_uuid_home: >-
{{
partitioning_uuid_home_result.stdout_lines | default([])
if cis_enabled
else ''
}}
partitioning_uuid_var: >-
{{
partitioning_uuid_var_result.stdout_lines | default([])
if cis_enabled
else ''
}}
partitioning_uuid_var_log: >-
{{
partitioning_uuid_var_log_result.stdout_lines | default([])
if cis_enabled
else ''
}}
partitioning_uuid_var_log_audit: >-
{{
partitioning_uuid_var_log_audit_result.stdout_lines | default([])
if cis_enabled
else ''
}}
- name: Mount filesystems - name: Mount filesystems
block: block:
@@ -460,6 +543,7 @@
) )
- >- - >-
not (item.path in ['/swap', '/var/cache/pacman/pkg'] and filesystem != 'btrfs') not (item.path in ['/swap', '/var/cache/pacman/pkg'] and filesystem != 'btrfs')
- swap_enabled | bool or item.path != '/swap'
ansible.posix.mount: ansible.posix.mount:
path: /mnt{{ item.path }} path: /mnt{{ item.path }}
src: "{{ 'UUID=' + (partitioning_main_uuid.stdout if filesystem == 'btrfs' else item.uuid) }}" src: "{{ 'UUID=' + (partitioning_main_uuid.stdout if filesystem == 'btrfs' else item.uuid) }}"
@@ -559,6 +643,7 @@
state: mounted state: mounted
- name: Activate swap - name: Activate swap
when: swap_enabled | bool
vars: vars:
partitioning_swap_cmd: >- partitioning_swap_cmd: >-
{{ 'swapon /mnt/swap/swapfile' if filesystem == 'btrfs' else 'swapon -U ' + partitioning_uuid_swap[0] }} {{ 'swapon /mnt/swap/swapfile' if filesystem == 'btrfs' else 'swapon -U ' + partitioning_uuid_swap[0] }}