aboutsummaryrefslogtreecommitdiff
path: root/content/blog/ansible/ansible-vault-example.md
diff options
context:
space:
mode:
Diffstat (limited to 'content/blog/ansible/ansible-vault-example.md')
-rw-r--r--content/blog/ansible/ansible-vault-example.md36
1 files changed, 36 insertions, 0 deletions
diff --git a/content/blog/ansible/ansible-vault-example.md b/content/blog/ansible/ansible-vault-example.md
new file mode 100644
index 0000000..fb6ef45
--- /dev/null
+++ b/content/blog/ansible/ansible-vault-example.md
@@ -0,0 +1,36 @@
+---
+title: "Ansible vault example"
+linkTitle: "Ansible vault example"
+date: 2018-02-21
+description: >
+ Ansible vault example
+---
+
+Here is how to edit a vault protected file :
+{{< highlight sh >}}
+ansible-vault edit hostvars/blah.yml
+{{< / highlight >}}
+
+Here is how to put a multiline entry like a private key in vault (for a simple value, just don't use a `|`):
+
+{{< highlight yaml >}}
+ssl_key : |
+ ----- BEGIN PRIVATE KEY -----
+ blahblahblah
+ blahblahblah
+ ----- END PRIVATE KEY -----
+{{< /highlight >}}
+
+And here is how to use it in a task :
+{{< highlight yaml >}}
+- copy:
+ path: /etc/ssl/private.key
+ mode: 0400
+ content: '{{ ssl_key }}'
+{{< / highlight >}}
+
+To run a playbook, you will need to pass the `--ask-vault` argument or to export a `ANSIBLE_VAULT_PASSWORD_FILE=/home/julien/.vault_pass.txt` variable (the file needs to contain a single line with your vault password here).
+
+## Ressources
+
+ * how to break long lines in ansible : https://watson-wilson.ca/blog/2018/07/11/ansible-tips/
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 01:24:59 +0000