Skip to content

johnmehringer/puppet-dmcrypt

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
manifests
manifests
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

puppet-dmcrypt

puppet module to use dmcrypt/LUKS

About

Decrypt and use LUKS encrypted device.

This module allows to decrypt and mount a LUKS encrypted device. If the device has not been formatted before, it is formatted with XFS. "not formatted before" means that the first 10 MB of the device are filled with zeroes.

The module also allows to format a device with a random key and use it for nova instance files. This volume is lost upon power down / reboot which is the purpose of the module.

Usage

class {'dmcrypt': }

dmcrypt::luksDevice {'/dev/vdb1':
  name        => 'osd-1',
  mount_point => '/var/lib/ceph/osd/ceph-1'
}

... and probably more calls to dmcrypt::luksDevice

To format /dev/sdb2 to be used as a self-destructing nova-instance storage do this:

dmcryt::ephemeral_nova {'/dev/sdb2': }

Compatibility

Works at least on Ubuntu 12.04 with puppet 2.7.11 and cryptsetup 1.4.1.

ToDo

  • Testing
  • Update of documentation

About

puppet module to use dmcrypt/LUKS

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Puppet 100.0%