I work on ubuntu host and the ansible playbooks run on docker container
with ubuntu
ill try to look into gpg agent for docker container - thanks!
ב-יום ראשון, 27 במרץ 2022 בשעה 19:56:24 UTC+3, dick@geant.org כתב/ה:
> An option would be to use gpg-agent. Depending on your setup that
> might au
An option would be to use gpg-agent. Depending on your setup that
might automagically unlock when you sign in to the computer you use to
run ansible playbooks.
For example I know that on macOS you can store the gpg password in the
OS' keychain.
On Sun, 27 Mar 2022 at 16:17, R Batchen wrote:
>
>
sorry i encrypted like this:
gpg -c vault
ב-יום ראשון, 27 במרץ 2022 בשעה 17:17:13 UTC+3, R Batchen כתב/ה:
> I have tried using the gpg script works amazing BUT - the gpg file askes
> randomly the password again and again so i cannot really relay on that.
> i used like this :
>
> gpg-wrapper.s
I have tried using the gpg script works amazing BUT - the gpg file askes
randomly the password again and again so i cannot really relay on that.
i used like this :
gpg-wrapper.sh -
#!/bin/sh
VAULT_PW_FILENAME="/base/vaults/vault.gpg"
gpg --quiet --batch --use-agent --decrypt $VAULT_PW_FILENAME
a
You can use this
https://docs.ansible.com/ansible/latest/user_guide/vault.html?extIdCarryOver=true&sc_cid=701f201Css5AAC#storing-passwords-in-third-party-tools-with-vault-password-client-scripts
On Tue, Mar 22, 2022 at 4:45 PM Stefan Hornburg (Racke)
wrote:
> On 22/03/2022 12:05, R Batchen w
On 22/03/2022 12:05, R Batchen wrote:
Hey,
I dont understand how ansible vault is safe if i want to use in a script i
need to give ansible
the file where the password is saved in plain text.. so i dont get it
i do get it being safe if i do a prompts for the password with --ask-vault-pass
but
Hey,
I dont understand how ansible vault is safe if i want to use in a script i
need to give ansible
the file where the password is saved in plain text.. so i dont get it
i do get it being safe if i do a prompts for the password with
--ask-vault-pass
but when i point to ansible using --vault-p