diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-06-16 20:45:42 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-06-16 22:34:17 +0200 |
| commit | fe1e1152264fb4b476dc9dd58dc4af66816191d7 (patch) | |
| tree | 41fb0c115eebcd817bef6e52df07b6dee6d6fbf1 /roles/vm | |
| parent | fixup! ch-equinox-(ws|t450s): upgrade to ansible community package 4.x (diff) | |
rng-tools5 is now available everywhere
Diffstat (limited to 'roles/vm')
| -rw-r--r-- | roles/vm/guest/base/defaults/main.yml | 4 | ||||
| -rw-r--r-- | roles/vm/guest/base/handlers/main.yml | 5 | ||||
| -rw-r--r-- | roles/vm/guest/base/tasks/main.yml | 36 |
3 files changed, 21 insertions, 24 deletions
diff --git a/roles/vm/guest/base/defaults/main.yml b/roles/vm/guest/base/defaults/main.yml index ce072e95..54261f55 100644 --- a/roles/vm/guest/base/defaults/main.yml +++ b/roles/vm/guest/base/defaults/main.yml @@ -1,6 +1,2 @@ --- -vm_guest_rngd_config: - HRNGDEVICE: /dev/hwrng - RNGDOPTIONS: '"-s 256 -W 80%"' - vm_guest_autologin_on_serial: yes diff --git a/roles/vm/guest/base/handlers/main.yml b/roles/vm/guest/base/handlers/main.yml index 2dfdddcb..7c746ae2 100644 --- a/roles/vm/guest/base/handlers/main.yml +++ b/roles/vm/guest/base/handlers/main.yml @@ -3,6 +3,7 @@ command: /usr/sbin/update-grub - name: restart rngd - service: - name: rng-tools + systemd: + name: rngd state: restarted + daemon_reload: yes diff --git a/roles/vm/guest/base/tasks/main.yml b/roles/vm/guest/base/tasks/main.yml index b76ee762..7a383fe1 100644 --- a/roles/vm/guest/base/tasks/main.yml +++ b/roles/vm/guest/base/tasks/main.yml @@ -1,28 +1,28 @@ --- - name: install rngd apt: - name: rng-tools + name: rng-tools5 state: present force_apt_get: yes -- name: configure rngd [1/2] - loop: '{{ vm_guest_rngd_config | dict2items }}' - loop_control: - label: "{{ item.key }}" - lineinfile: - path: /etc/default/rng-tools - line: '{{ item.key }}={{ item.value }}' - regexp: '^#?{{ item.key }}=' - notify: restart rngd +- name: get size of entropy pool + check_mode: no + command: cat /proc/sys/kernel/random/poolsize + changed_when: false + register: entropy_pool_size -- name: configure rngd [2/2] - loop: '{{ vm_guest_rngd_config | dict2items }}' - loop_control: - label: "{{ item.key }}" - lineinfile: - path: /etc/default/rng-tools - regexp: '^{{ item.key }}=(?!{{ item.value }})' - state: absent +- name: create systemd override directory for rngd + file: + path: /etc/systemd/system/rngd.service.d + state: directory + +- name: configure rngd + copy: + content: | + [Service] + ExecStart= + ExecStart=/usr/sbin/rngd -f -r /dev/hwrng -s 256 -W {{ ((entropy_pool_size.stdout_lines | first | int) * 0.8) | int }} + dest: /etc/systemd/system/rngd.service.d/hwrng-device.conf notify: restart rngd |