New playbook collect-luks-keys.yml connects to all enrolled FreeIPA clients, checks for /_LUKS_BACKUP_KEY (placed there by the installer when encryption is enabled), and fetches each key to the Ansible controller as luks-keys/<HOSTNAME>_LUKS_BACKUP_KEY (mode 0400).

Hosts without the file are reported but not treated as errors. The luks-keys/ store directory is created with mode 0700.

Usage: ansible-playbook -i inventory collect-luks-keys.yml

Can be scheduled via cron on the controller for automatic collection.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

| Name |
|---|
| ansible |
| image |
| auto-enroll-ansible.sh |
| copilot-explains.txt |
| freeipa-client-answerfile.json |
| freeipa-client.sh |
| freeipa-enroll.sh |