patternModerate
What is Ansible's config equivalent of `--vault-password-file`?
Viewed 0 times
fileequivalentwhatvaultpasswordconfigansible
Problem
According the help of ansible-playbook one could use
Question
What variable need to be defined in either the group- or host_vars directory to prevent that
Attempts
-
When
-
No associated vault variables was found in this documentation
--user=REMOTE_USER to define the ssh user, but one could also define ansible_ssh_user: REMOTE_USER in either the host- or group_vars.Question
What variable need to be defined in either the group- or host_vars directory to prevent that
--vault-password-file has to be defined while running ansible-playbook?Attempts
-
When
ansible_vault_password_file: ~/.vault_pass.txt is defined in the config the decryption fails:ERROR! Decryption failed on /path/to/vault-
No associated vault variables was found in this documentation
Solution
Here is the definition:
This means that you either put in ansible.cfg or playbook:
Or in your shell defined this variable:
DEFAULT_VAULT_PASSWORD_FILE = get_config(p, DEFAULTS, 'vault_password_file', \
'ANSIBLE_VAULT_PASSWORD_FILE', None, value_type='path')This means that you either put in ansible.cfg or playbook:
vault_password_file: ~/.vault_pass.txtOr in your shell defined this variable:
export ANSIBLE_VAULT_PASSWORD_FILE=~/.vault_pass.txtCode Snippets
DEFAULT_VAULT_PASSWORD_FILE = get_config(p, DEFAULTS, 'vault_password_file', \
'ANSIBLE_VAULT_PASSWORD_FILE', None, value_type='path')vault_password_file: ~/.vault_pass.txtexport ANSIBLE_VAULT_PASSWORD_FILE=~/.vault_pass.txtContext
StackExchange DevOps Q#703, answer score: 15
Revisions (0)
No revisions yet.