diff options
author | Julien Dessaux | 2020-04-28 17:29:52 +0200 |
---|---|---|
committer | Julien Dessaux | 2020-04-28 17:29:52 +0200 |
commit | 6cc9d8c72a56563b6d1a12b8b441dfa9dde345e9 (patch) | |
tree | 042852f7a8a18f65c8d5191234c8ed1cb85fd8a4 /content/en/blog/ansible/ansible-vault-example.md | |
parent | Initial import (diff) | |
download | www-6cc9d8c72a56563b6d1a12b8b441dfa9dde345e9.tar.gz www-6cc9d8c72a56563b6d1a12b8b441dfa9dde345e9.tar.bz2 www-6cc9d8c72a56563b6d1a12b8b441dfa9dde345e9.zip |
Long overdue first commit with content
Diffstat (limited to '')
-rw-r--r-- | content/en/blog/ansible/ansible-vault-example.md | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/content/en/blog/ansible/ansible-vault-example.md b/content/en/blog/ansible/ansible-vault-example.md new file mode 100644 index 0000000..fb6ef45 --- /dev/null +++ b/content/en/blog/ansible/ansible-vault-example.md @@ -0,0 +1,36 @@ +--- +title: "Ansible vault example" +linkTitle: "Ansible vault example" +date: 2018-02-21 +description: > + Ansible vault example +--- + +Here is how to edit a vault protected file : +{{< highlight sh >}} +ansible-vault edit hostvars/blah.yml +{{< / highlight >}} + +Here is how to put a multiline entry like a private key in vault (for a simple value, just don't use a `|`): + +{{< highlight yaml >}} +ssl_key : | + ----- BEGIN PRIVATE KEY ----- + blahblahblah + blahblahblah + ----- END PRIVATE KEY ----- +{{< /highlight >}} + +And here is how to use it in a task : +{{< highlight yaml >}} +- copy: + path: /etc/ssl/private.key + mode: 0400 + content: '{{ ssl_key }}' +{{< / highlight >}} + +To run a playbook, you will need to pass the `--ask-vault` argument or to export a `ANSIBLE_VAULT_PASSWORD_FILE=/home/julien/.vault_pass.txt` variable (the file needs to contain a single line with your vault password here). + +## Ressources + + * how to break long lines in ansible : https://watson-wilson.ca/blog/2018/07/11/ansible-tips/ |