gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '31ad29b087'
${ noResults }
hetzner-ansible/roles/lvm_with_hetzner_volumes/tasks/main.yml

97 lines
3.4 KiB
YAML
Raw Blame History

---
- name: "Creating some hcloud volumes for LVM purpose"
hetzner.hcloud.hcloud_volume:
api_token: "{{ hetzner_authentication_ansible }}"
name: "{{ lvm_with_hetzner_volumes__volprefix }}-{{ inventory_hostname }}--vol{{ item }}"
server: "{{ inventory_hostname }}"
labels:
stage: "{{ stage }}"
used_for: "{{ lvm_with_hetzner_volumes__volprefix }}"
bound_on: "{{ inventory_hostname }}"
vol_no: "{{ item | string }}"
size: "{{ lvm_with_hetzner_volumes__volsize }}"
state: present
delete_protection: true
loop: "{{ range(1, lvm_with_hetzner_volumes__volcount + 1) | list }}"
register: created_volume
delegate_to: localhost
become: false
- name: "Getting all hcloud volumes for {{ inventory_hostname }}"
hetzner.hcloud.hcloud_volume_info:
api_token: "{{ hetzner_authentication_ansible }}"
label_selector: "stage={{ stage }},used_for={{ lvm_with_hetzner_volumes__volprefix }},bound_on={{ inventory_hostname }}"
register: hcloud_volumes_found
delegate_to: localhost
become: false
- name: "Setting LVM related VARs"
ansible.builtin.set_fact:
pv_paths: "{{ hcloud_volumes_found.hcloud_volume_info | map(attribute='linux_device') | list }}"
pv_names: "{{ hcloud_volumes_found.hcloud_volume_info | map(attribute='name') | list }}"
vg_name: "vg.{{ lvm_with_hetzner_volumes__volprefix }}"
lv_name: "lv.{{ lvm_with_hetzner_volumes__volprefix }}"
encrypt_volumes: "{{ lvm_volume_encryption | bool }}"
when: hcloud_volumes_found.hcloud_volume_info | length > 0
- name: Manage LUKS container(s)
when: encrypt_volumes
block:
- name: Create LUKS container(s)
community.crypto.luks_device:
device: "{{ item.0 }}"
state: "present"
name: "{{ item.1 }}"
passphrase: "{{ lvm_with_hetzner_volumes__passphrase }}"
loop: "{{ pv_paths | zip(pv_names) | list }}"
- name: Open LUKS container(s)
community.crypto.luks_device:
device: "{{ item.0 }}"
state: "opened"
name: "{{ item.1 }}"
passphrase: "{{ lvm_with_hetzner_volumes__passphrase }}"
loop: "{{ pv_paths | zip(pv_names) | list }}"
- name: "Creating a volume group on top of all found volumes"
community.general.lvg:
vg: "{{ vg_name }}"
pvs: "{{ pv_names | map('regex_replace', '^(.*)$', '/dev/mapper/\\1') if encrypt_volumes else pv_paths }}"
pvresize: true
register: create_vg
when: hcloud_volumes_found.hcloud_volume_info | length > 0
- name: "Create logical volume" # noqa no-handler
community.general.lvol:
vg: "{{ vg_name }}"
lv: "{{ lv_name }}"
size: "100%PVS"
when: create_vg.changed
- name: "Format volume"
community.general.filesystem:
fstype: ext4
dev: "/dev/{{ vg_name }}/{{ lv_name }}"
- name: "Resize volume" # noqa no-handler
community.general.filesystem:
fstype: ext4
dev: "/dev/{{ vg_name }}/{{ lv_name }}"
resizefs: true
when:
- create_vg.changed
# set noqa linter 'tag' due to unknown file permissions/ownership for mount path ;
# must be set in role etc in which this role will be called!!!
- name: "Ensure mountpath exists without setting permission/ownership" # noqa risky-file-permissions
ansible.builtin.file:
path: "{{ lvm_with_hetzner_volumes__mountpath }}"
state: directory
- name: "Mount created LVM volume"
ansible.posix.mount:
path: "{{ lvm_with_hetzner_volumes__mountpath }}"
src: "/dev/{{ vg_name }}/{{ lv_name }}"
fstype: ext4
state: mounted
Reference in New Issue View Git Blame Copy Permalink