docker data is encrypted
This commit is contained in:
parent
aaee98f089
commit
737c8c9129
2 changed files with 11 additions and 10 deletions
|
@ -1,4 +1,9 @@
|
|||
---
|
||||
# TODO: Use a BTRFS subvolume instead?
|
||||
- name: "Mount encrypted partition to /srv."
|
||||
shell: "mount /srv"
|
||||
args:
|
||||
creates: "/srv/docker"
|
||||
- name: "Prepare /srv to encrypt Docker files."
|
||||
file:
|
||||
state: "directory"
|
||||
|
@ -7,11 +12,6 @@
|
|||
- "/srv/docker"
|
||||
- "/var/lib/docker"
|
||||
- name: "Bind mount /srv/docker to /var/lib/docker."
|
||||
mount:
|
||||
state: "mounted"
|
||||
src: "/srv/docker"
|
||||
path: "/var/lib/docker"
|
||||
opts: "bind"
|
||||
fstype: "none"
|
||||
shell: "mount /var/lib/docker"
|
||||
- name: "Start Docker service."
|
||||
shell: "/etc/init.d/docker start"
|
||||
|
|
|
@ -2,3 +2,4 @@
|
|||
{{disk_device}}1 /boot ext2 noatime,nodiratime,lazytime,ro 0 2
|
||||
/dev/mapper/srv /srv btrfs compress=zstd,noatime,nodiratime,lazytime,discard,noauto 0 2
|
||||
tmpfs /var/log tmpfs defaults 0 0
|
||||
/srv/docker /var/lib/docker none bind 0 0
|
||||
|
|
Loading…
Reference in a new issue