sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(encryption): add tpm2-tss dracut module explicitly for TPM2 LUKS

Browse Source
This commit is contained in:
Sandwich
2026-05-31 12:39:24 +02:00
parent 477c8379c4
commit ceb2237bbb
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/configuration/tasks/encryption/dracut.yml
View File

@@ -14,11 +14,11 @@
install_items+=" {{ configuration_luks_keyfile_path }} " install_items+=" {{ configuration_luks_keyfile_path }} "
{% endif %} {% endif %}
{% if configuration_luks_auto_method == 'tpm2' %} {% if configuration_luks_auto_method == 'tpm2' %}
add_dracutmodules+=" tpm2-tss "
install_items+=" {{ configuration_luks_tpm2_token_lib | default('') }} " install_items+=" {{ configuration_luks_tpm2_token_lib | default('') }} "
{% endif %} {% endif %}
mode: "0644" mode: "0644"
# --- Kernel cmdline: write rd.luks.* args for dracut ---
- name: Ensure kernel cmdline directory exists - name: Ensure kernel cmdline directory exists
ansible.builtin.file: ansible.builtin.file:
path: /mnt/etc/kernel path: /mnt/etc/kernel
@@ -58,7 +58,6 @@
mode: "0644" mode: "0644"
content: "{{ _dracut_kernel_cmdline }}\n" content: "{{ _dracut_kernel_cmdline }}\n"
# --- BLS entries: RedHat-specific ---
- name: Update BLS entries with LUKS kernel cmdline - name: Update BLS entries with LUKS kernel cmdline
when: os_family == 'RedHat' when: os_family == 'RedHat'
vars: vars: