Hi
I am am trying to setup Ansible vault and running into errors.
In my /etc/ansible/group_vars folder I have muliple vars files for specific
server groups in the host files. These vars files (winservers.yml) have the
servers login details...for example:
ansible_ssh_user: Administrator
ansible_ssh_pass: PASSWORD
ansible_ssh_port: 5986
ansible_connection: winrm
What I want to do is use vault to not have those passwords visable in these
vars files.
So what I did is create a vault.yml file (using ansible-vault) in the
group_vars folder. I then added the variables in the file
---
azure_password: PASSWORD1
winservers_password: PASSWORD
I then changed the above 'winservers.yml' vars file to the following:
ansible_ssh_user: Administrator
ansible_ssh_pass: {{ winservers_password }}
ansible_ssh_port: 5986
ansible_connection: winrm
I then tried to run a simple playbook on the 'winservers' servers, and got
the following error:
The error appears to have been in '/etc/ansible/group_vars/winservers.yml':
line 4, column 20, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
ansible_ssh_user: Administrator
ansible_ssh_pass: {{ winservers_password }}
^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value. For instance:
with_items:
- {{ foo }}
Should be written as:
with_items:
- "{{ foo }}"
Is there a way of using vault to keep all passwords, and use it in a way
above?
Cheers
Mark
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/750ab6cf-2ff2-4147-88af-4b70ed2a973c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
