Documentation
PLEASE NOTE: This document applies to latest version and not to the latest stable release v2.20
Documentation for other releases can be found by using the version selector in the top right of any doc page.crypttab
Manage encrypted filesystem entries in /etc/crypttab.
Attributes
check_mode:
support: full
Parameters
| Parameter | Required | Type | Values | Description |
|---|---|---|---|---|
| backing_device | string | Device containing encrypted data. Required when state=present. | ||
| name | true | string | Name of the encrypted device mapping. | |
| opts | string | Options for cryptsetup. | ||
| password | string | Password/keyfile for decryption. Use ‘none’ for interactive password prompt. [default: "none"] |
||
| path | string | Path to the crypttab file. [default: "/etc/crypttab"] |
||
| state | string | present absent |
Whether the entry should exist or not. [default: "present"] |
Examples
- name: Add encrypted swap partition
crypttab:
name: cryptswap
backing_device: /dev/sda2
password: /dev/urandom
opts: swap
state: present
- name: Add encrypted data volume with keyfile
crypttab:
name: cryptdata
backing_device: /dev/sdb1
password: /root/keyfile
opts: luks
state: present
- name: Add encrypted volume without password (will be prompted)
crypttab:
name: cryptdata
backing_device: /dev/sdb1
password: none
state: present
- name: Remove encrypted volume entry
crypttab:
name: cryptdata
state: absent
- name: Use custom crypttab file
crypttab:
name: cryptdata
backing_device: /dev/sdb1
password: /root/keyfile
state: present
path: /etc/crypttab.custom