feat(disks): add standardized multi-disk mount schema
This commit is contained in:
@@ -1,9 +1,9 @@
|
||||
---
|
||||
- name: Detect system memory for swap sizing
|
||||
when:
|
||||
- swap_enabled | bool
|
||||
- system_cfg.features.swap.enabled | bool
|
||||
- partitioning_vm_memory is not defined or (partitioning_vm_memory | float) <= 0
|
||||
- system_cfg is not defined or (system_cfg.memory_mb | default(0) | float) <= 0
|
||||
- system_cfg is not defined or (system_cfg.memory | default(0) | float) <= 0
|
||||
block:
|
||||
- name: Read system memory
|
||||
ansible.builtin.command: awk '/MemTotal/ {print int($2/1024)}' /proc/meminfo
|
||||
@@ -17,7 +17,7 @@
|
||||
|
||||
- name: Set partitioning vm_size for physical installs
|
||||
when:
|
||||
- install_type == "physical"
|
||||
- system_cfg.type == "physical"
|
||||
- partitioning_vm_size is not defined or (partitioning_vm_size | float) <= 0
|
||||
- install_drive | length > 0
|
||||
block:
|
||||
@@ -163,7 +163,7 @@
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- partitioning_luks_passphrase_effective | length > 0
|
||||
fail_msg: luks_passphrase (or partitioning_luks_passphrase) must be set when LUKS is enabled.
|
||||
fail_msg: system.luks.passphrase must be set when LUKS is enabled.
|
||||
no_log: true
|
||||
|
||||
- name: Ensure LUKS container exists
|
||||
@@ -258,8 +258,8 @@
|
||||
|
||||
- name: Create LVM logical volumes
|
||||
when:
|
||||
- cis_enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']
|
||||
- swap_enabled | bool or item.lv != 'swap'
|
||||
- system_cfg.features.cis.enabled or item.lv not in ['home', 'var', 'var_log', 'var_log_audit']
|
||||
- system_cfg.features.swap.enabled | bool or item.lv != 'swap'
|
||||
vars:
|
||||
partitioning_lvm_extent_reserve_count: 10
|
||||
partitioning_lvm_extent_size_mib: 4
|
||||
@@ -279,7 +279,7 @@
|
||||
4
|
||||
] | max | float
|
||||
)
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else 0
|
||||
}}
|
||||
partitioning_lvm_swap_cap_gb: >-
|
||||
@@ -291,7 +291,7 @@
|
||||
0
|
||||
] | max
|
||||
)
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else 0
|
||||
}}
|
||||
partitioning_lvm_swap_target_effective_gb: >-
|
||||
@@ -302,7 +302,7 @@
|
||||
partitioning_lvm_swap_cap_gb
|
||||
] | min
|
||||
)
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else 0
|
||||
}}
|
||||
partitioning_lvm_swap_max_gb: >-
|
||||
@@ -312,14 +312,14 @@
|
||||
(
|
||||
(partitioning_vm_size_effective | float)
|
||||
- (partitioning_reserved_gb | float)
|
||||
- (cis_enabled | ternary(7.5, 0))
|
||||
- (system_cfg.features.cis.enabled | ternary(7.5, 0))
|
||||
- partitioning_lvm_extent_reserve_gb
|
||||
- 4
|
||||
),
|
||||
0
|
||||
] | max
|
||||
)
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else 0
|
||||
}}
|
||||
partitioning_lvm_available_gb: >-
|
||||
@@ -327,7 +327,7 @@
|
||||
(
|
||||
(partitioning_vm_size_effective | float)
|
||||
- (partitioning_reserved_gb | float)
|
||||
- (cis_enabled | ternary(7.5, 0))
|
||||
- (system_cfg.features.cis.enabled | ternary(7.5, 0))
|
||||
- partitioning_lvm_extent_reserve_gb
|
||||
- partitioning_lvm_swap_target_effective_gb
|
||||
) | float
|
||||
@@ -364,7 +364,7 @@
|
||||
partitioning_lvm_swap_max_gb
|
||||
] | min | round(2, 'floor')
|
||||
)
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else 0
|
||||
}}
|
||||
partitioning_lvm_root_full_gb: >-
|
||||
@@ -377,7 +377,7 @@
|
||||
- partitioning_lvm_extent_reserve_gb
|
||||
- (
|
||||
(partitioning_lvm_home_gb | float) + 5.5
|
||||
if cis_enabled
|
||||
if system_cfg.features.cis.enabled
|
||||
else 0
|
||||
)
|
||||
),
|
||||
@@ -436,7 +436,7 @@
|
||||
- name: Create swap filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- swap_enabled | bool
|
||||
- system_cfg.features.swap.enabled | bool
|
||||
community.general.filesystem:
|
||||
fstype: swap
|
||||
dev: /dev/sys/swap
|
||||
@@ -470,7 +470,7 @@
|
||||
- name: Get UUID for LVM swap filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- swap_enabled | bool
|
||||
- system_cfg.features.swap.enabled | bool
|
||||
ansible.builtin.command: blkid -s UUID -o value /dev/sys/swap
|
||||
register: partitioning_uuid_swap_result
|
||||
changed_when: false
|
||||
@@ -478,7 +478,7 @@
|
||||
- name: Get UUID for LVM home filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- cis_enabled
|
||||
- system_cfg.features.cis.enabled
|
||||
ansible.builtin.command: blkid -s UUID -o value /dev/sys/home
|
||||
register: partitioning_uuid_home_result
|
||||
changed_when: false
|
||||
@@ -486,7 +486,7 @@
|
||||
- name: Get UUID for LVM var filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- cis_enabled
|
||||
- system_cfg.features.cis.enabled
|
||||
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var
|
||||
register: partitioning_uuid_var_result
|
||||
changed_when: false
|
||||
@@ -494,7 +494,7 @@
|
||||
- name: Get UUID for LVM var_log filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- cis_enabled
|
||||
- system_cfg.features.cis.enabled
|
||||
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log
|
||||
register: partitioning_uuid_var_log_result
|
||||
changed_when: false
|
||||
@@ -502,7 +502,7 @@
|
||||
- name: Get UUID for LVM var_log_audit filesystem
|
||||
when:
|
||||
- filesystem != 'btrfs'
|
||||
- cis_enabled
|
||||
- system_cfg.features.cis.enabled
|
||||
ansible.builtin.command: blkid -s UUID -o value /dev/sys/var_log_audit
|
||||
register: partitioning_uuid_var_log_audit_result
|
||||
changed_when: false
|
||||
@@ -514,31 +514,31 @@
|
||||
partitioning_uuid_swap: >-
|
||||
{{
|
||||
partitioning_uuid_swap_result.stdout_lines | default([])
|
||||
if swap_enabled | bool
|
||||
if system_cfg.features.swap.enabled | bool
|
||||
else ''
|
||||
}}
|
||||
partitioning_uuid_home: >-
|
||||
{{
|
||||
partitioning_uuid_home_result.stdout_lines | default([])
|
||||
if cis_enabled
|
||||
if system_cfg.features.cis.enabled
|
||||
else ''
|
||||
}}
|
||||
partitioning_uuid_var: >-
|
||||
{{
|
||||
partitioning_uuid_var_result.stdout_lines | default([])
|
||||
if cis_enabled
|
||||
if system_cfg.features.cis.enabled
|
||||
else ''
|
||||
}}
|
||||
partitioning_uuid_var_log: >-
|
||||
{{
|
||||
partitioning_uuid_var_log_result.stdout_lines | default([])
|
||||
if cis_enabled
|
||||
if system_cfg.features.cis.enabled
|
||||
else ''
|
||||
}}
|
||||
partitioning_uuid_var_log_audit: >-
|
||||
{{
|
||||
partitioning_uuid_var_log_audit_result.stdout_lines | default([])
|
||||
if cis_enabled
|
||||
if system_cfg.features.cis.enabled
|
||||
else ''
|
||||
}}
|
||||
|
||||
@@ -547,15 +547,15 @@
|
||||
- name: Mount filesystems and subvolumes
|
||||
when:
|
||||
- >-
|
||||
cis_enabled or (
|
||||
not cis_enabled and (
|
||||
system_cfg.features.cis.enabled or (
|
||||
not system_cfg.features.cis.enabled and (
|
||||
(filesystem == 'btrfs' and item.path in ['/home', '/var/log', '/var/cache/pacman/pkg'])
|
||||
or (item.path not in ['/home', '/var', '/var/log', '/var/log/audit', '/var/cache/pacman/pkg'])
|
||||
)
|
||||
)
|
||||
- >-
|
||||
not (item.path in ['/swap', '/var/cache/pacman/pkg'] and filesystem != 'btrfs')
|
||||
- swap_enabled | bool or item.path != '/swap'
|
||||
- system_cfg.features.swap.enabled | bool or item.path != '/swap'
|
||||
ansible.posix.mount:
|
||||
path: /mnt{{ item.path }}
|
||||
src: "{{ 'UUID=' + (partitioning_main_uuid.stdout if filesystem == 'btrfs' else item.uuid) }}"
|
||||
@@ -655,7 +655,7 @@
|
||||
state: mounted
|
||||
|
||||
- name: Activate swap
|
||||
when: swap_enabled | bool
|
||||
when: system_cfg.features.swap.enabled | bool
|
||||
vars:
|
||||
partitioning_swap_cmd: >-
|
||||
{{ 'swapon /mnt/swap/swapfile' if filesystem == 'btrfs' else 'swapon -U ' + partitioning_uuid_swap[0] }}
|
||||
|
||||
Reference in New Issue
Block a user