Compare commits
No commits in common. "6b06b795cc769033fbb913167c88a7c41da30ebd" and "6229b779a40b484abad22266ce7a73d87280ba85" have entirely different histories.
6b06b795cc
...
6229b779a4
@ -29,7 +29,7 @@ Now make sure you instruct ansible to use the vault script when looking for the
|
|||||||
And then you should be done already! Time to create your first vault with the normal ansible way:
|
And then you should be done already! Time to create your first vault with the normal ansible way:
|
||||||
|
|
||||||
$ ansible-vault create host_vars/secrets.yml
|
$ ansible-vault create host_vars/secrets.yml
|
||||||
< $EDITOR for host_vars/secrets.yml opens >
|
< $EDITOR opens >
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
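Review bot: the placeholder under the `ansible-vault create host_vars/secrets.yml` command now reads `< $EDITOR opens >` and no longer says which file is opened. The previous wording, `< $EDITOR for host_vars/secrets.yml opens >`, tied the editor session to the vault file named in the command. Consider keeping the file name so a first-time reader knows the content they type ends up in the encrypted file.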
@ -52,3 +52,6 @@ Security notice: when a malicious user has decrypted and saved the passphrase wh
|
|||||||
## Storage
|
## Storage
|
||||||
|
|
||||||
The passphrase and list of gpg user-ids are stored in `ansible-gpg-vault-store/` in the top level of the repository, as to not dirty the tree of the submodule and allowing to commit the changes in the repo they are meant to be in.
|
The passphrase and list of gpg user-ids are stored in `ansible-gpg-vault-store/` in the top level of the repository, as to not dirty the tree of the submodule and allowing to commit the changes in the repo they are meant to be in.
|
||||||
|
## Storage
|
||||||
|
|
||||||
|
The passphrase and list of gpg user-ids are stored in `ansible-gpg-vault-store/` in the top level of the repository, as to not dirty the tree of the submodule and allowing to commit the changes in the repo they are meant to be in.
|
||||||
|
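Review bot: the three lines added at the end of the README repeat the existing `## Storage` heading and its paragraph word for word, so the section now appears twice in a row. This looks like an accidental paste or a merge leftover. Drop the added copy, or if the intent was to reword the section, edit the existing paragraph in place.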
4
vault.sh
4
vault.sh
@ -23,9 +23,11 @@ fi;
|
|||||||
|
|
||||||
addUser() {
|
addUser() {
|
||||||
USER="$1"
|
USER="$1"
|
||||||
|
echo "grep for user $USER"
|
||||||
|
grep "$USER" $KEY_FILE
|
||||||
|
echo "rc=$?"
|
||||||
if ! grep -q "$USER" $KEY_FILE; then
|
if ! grep -q "$USER" $KEY_FILE; then
|
||||||
echo "$USER" >> $KEY_FILE
|
echo "$USER" >> $KEY_FILE
|
||||||
echo "INFO: added user '$USER' to key file"
|
|
||||||
else
|
else
|
||||||
echo "WARNING: user '$USER' already in key file"
|
echo "WARNING: user '$USER' already in key file"
|
||||||
fi;
|
fi;
|
||||||
|
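Review bot: the three lines added at the top of addUser (`echo "grep for user $USER"`, `grep "$USER" $KEY_FILE`, `echo "rc=$?"`) look like leftover debugging and should come out before this is merged. The bare grep prints matching key-file entries on every call, and the hunk also removes the `INFO: added user '$USER' to key file` message, so a successful add now gives no confirmation while the debug lines always print. Restore the INFO line and drop the debug output. While touching this function: the membership test treats `$USER` as an unanchored pattern and leaves `$KEY_FILE` unquoted, so an id that is a substring of an existing entry is reported as already present and never added. Assuming the key file holds one id per line, `grep -qxF -- "$USER" "$KEY_FILE"` compares whole lines literally.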