|
|
@ -13,3 +13,16 @@ Add `--check` to do a dry run
|
|
|
|
`ansible-vault edit group_vars/all/vault`
|
|
|
|
`ansible-vault edit group_vars/all/vault`
|
|
|
|
|
|
|
|
|
|
|
|
with the edditor defined in the env varible `$EDITOR` and the password of the vault in the file `.vault_password` (Carefull not to commit it!!!)
|
|
|
|
with the edditor defined in the env varible `$EDITOR` and the password of the vault in the file `.vault_password` (Carefull not to commit it!!!)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## SSH key whith passphrase
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
To avoid entering the passphrase of the ssh key for each host, we have to use an ssh-agent.
|
|
|
|
|
|
|
|
The ssh-agent with xonsh does not really works, so in my case I have to use ansible and the agent inside a sh process:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
sh
|
|
|
|
|
|
|
|
eval `ssh-agent -s`
|
|
|
|
|
|
|
|
ssh-add
|
|
|
|
|
|
|
|
ansible all -m ping # or whatever you want to do with ansible
|
|
|
|
|
|
|
|
exit
|
|
|
|
|
|
|
|
```
|
|
|
|