Hi all
Using Vault in group_vars has the downside of losing version control on the
vaulted file, so the logical thing is to separate sensitive variables from
"normal" ones.
What we do is create a vault/ subdirectory under group_vars and include
that in vars_file.
The dir structure looks like this:
hosts
group_vars/
vault/
some_group
some_group
And the playbook starts like this:
- hosts: some_group
vars:
- "{{ inventory_dir }}/group_vars/vault/some_group
It seems like a good convention, any thoughts about making it a feature?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/433a9c7a-c091-4a81-a586-d44c25ae3973%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
