diff --git a/playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-load-key-hpool.service b/playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-load-key-hpool.service new file mode 100644 index 0000000..0eda6b5 --- /dev/null +++ b/playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-load-key-hpool.service @@ -0,0 +1,17 @@ +[Unit] +Description=Load encryption key for ZFS hpool +Documentation=man:zfs(8) +DefaultDependencies=no +After=systemd-udev-settle.service +After=zfs-import.target +After=systemd-remount-fs.service +Before=zfs-mount.service +ConditionPathIsDirectory=/sys/module/zfs + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/sbin/zfs load-key hpool + +[Install] +WantedBy=zfs.target diff --git a/playbooks/hosts.yml b/playbooks/hosts.yml index beb0c4c..2f58b80 100644 --- a/playbooks/hosts.yml +++ b/playbooks/hosts.yml @@ -23,6 +23,7 @@ - import_tasks: tasks/hosts/systemd-mail.yml - import_tasks: tasks/hosts/zfs-scrub.yml - import_tasks: tasks/hosts/zfs-trim.yml + - import_tasks: tasks/hosts/zfs-extra.yml - import_tasks: tasks/hosts/zfsutils-cron.yml - import_tasks: tasks/hosts/ups.yml - import_tasks: tasks/hosts/smart.yml diff --git a/playbooks/tasks/hosts/zfs-extra.yml b/playbooks/tasks/hosts/zfs-extra.yml new file mode 100644 index 0000000..8b7c9d7 --- /dev/null +++ b/playbooks/tasks/hosts/zfs-extra.yml @@ -0,0 +1,17 @@ +- name: Load hpool keys service file + copy: + src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-load-key-hpool.service + dest: /etc/systemd/system/zfs-load-key-hpool.service + mode: 0644 + register: systemd_zfs_load_key_hpool_service_file + +- name: SystemD daemon reload + systemd: + daemon_reload: true + when: + systemd_zfs_load_key_hpool_service_file is changed + +- name: Ensure hpool keys are loaded at boot + systemd: + name: zfs-load-key-hpool.service + enabled: yes diff --git a/playbooks/tasks/hosts/zfs-scrub.yml b/playbooks/tasks/hosts/zfs-scrub.yml index 52ff8bd..6cccb21 100644 --- a/playbooks/tasks/hosts/zfs-scrub.yml +++ b/playbooks/tasks/hosts/zfs-scrub.yml @@ -36,3 +36,9 @@ name: zfs-scrub-monthly@rpool.timer enabled: yes state: started + +- name: Enable zfs scrub of hpool + systemd: + name: zfs-scrub-monthly@hpool.timer + enabled: yes + state: started