WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(tooling): added tasks to ease en/decrypt operations on vault files

Browse source
This commit is contained in:
NaeiKinDus 2025-03-02 00:00:00 +00:00
parent 93a3754ce4
commit 43d68e5cab
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
4 changed files with 41 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

27
tasks/utils.yml Normal file
View file

@ -0,0 +1,27 @@
version: '3'
tasks:
encrypt:
desc: encrypt all vault.yml files using; requires creating a vault-id file in your home
vars:
VAULT_FILES:
sh: find . -type f -name vault.yml -and -not -path "./.venv/*"
cmds:
- for: { var: VAULT_FILES }
cmd: '{{.PYTHON_WRAPPER}} ansible-vault encrypt {{.ITEM | replace "\n" " " }} || true'
decrypt:
desc: encrypt all vault.yml files using; requires creating a vault-id file in your home
vars:
VAULT_FILES:
sh: find . -type f -name vault.yml -and -not -path "./.venv/*"
cmds:
- for: { var: VAULT_FILES }
cmd: '{{.PYTHON_WRAPPER}} ansible-vault decrypt {{.ITEM | replace "\n" " " }} || true'
vault:init:
desc: Create a vault id file in your home directory for encrypting/decrypting vault files
cmds:
- 'pass generate {{.ANSIBLE_PASS_PATH}} {{.ANSIBLE_PASS_LENGTH}} > /dev/null'
status:
- 'pass show {{.ANSIBLE_PASS_PATH}} &> /dev/null '