Last active
October 24, 2021 21:38
-
-
Save toke/ebc49b7dd08d7b87e23921029176d3f5 to your computer and use it in GitHub Desktop.
Revisions
-
toke revised this gist
Mar 13, 2017 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ #!/usr/bin/env bash set -e # -
Nov 1, 2016 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,9 @@ ansible_vault_pass A small helper script for usage with ansible-vault and ansible-playbook together with pass. Written by Thomas Kerpe <[email protected]> - Public Domain Say you have stored the vault-password for the current ansible playbook in pass under the name ansible/demo/vault then either add a .pass_path file with the content -
Nov 1, 2016 . No changes.There are no files selected for viewing
-
Nov 1, 2016 . 1 changed file with 5 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,11 @@ ansible-vault edit --vault-password-file ~/bin/ansible-vault-pass example.yml Even more practical: export ANSIBLE_VAULT_PASSWORD_FILE=~/bin/ansible-vault-pass then it will be used by default without specifying it. It is also useful in CI environments. Source: https://gist.github.com/toke/ebc49b7dd08d7b87e23921029176d3f5 """ -
Nov 1, 2016 . No changes.There are no files selected for viewing
-
Nov 1, 2016 . No changes.There are no files selected for viewing
-
Oct 31, 2016 . 1 changed file with 50 additions and 20 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,30 +1,60 @@ #!/usr/bin/env python2 """ ansible_vault_pass A small helper script for usage with ansible-vault and ansible-playbook together with pass Say you have stored the vault-password for the current ansible playbook in pass under the name ansible/demo/vault then either add a .pass_path file with the content ansible/demo/vault or add a entry in the ansible.cfg: [pass] vault=ansible/demo/vault Now you can call ansible-vault-pass to get the password for the vault. It is especially useful like this: ansible-playbook site.yml --vault-password-file ~/bin/ansible-vault-pass or ansible-vault edit --vault-password-file ~/bin/ansible-vault-pass example.yml Even more practical: export ANSIBLE_VAULT_PASSWORD_FILE=~/bin/ansible-vault-pass then it will be used by default without specifying it. It is also useful in CI environments. Source: https://gist.github.com/toke/ebc49b7dd08d7b87e23921029176d3f5 """ import os.path import subprocess import ansible.constants from ConfigParser import NoOptionError, NoSectionError def get_vault_password(): """ The magic happenz """ pass_name = "" if os.path.isfile(".pass_path"): with open(".pass_path") as f: pass_name = f.read() elif ansible.constants.CONFIG_FILE: try: pass_name = ansible.constants.p.get("pass", "vault") except NoOptionError: pass except NoSectionError: pass else: pass if pass_name: c = subprocess.call(["pass", pass_name]) exit(c) if __name__ == '__main__': get_vault_password() -
Oct 31, 2016 . 1 changed file with 30 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,30 @@ #!/usr/bin/env python # # More robust version of ansible-vault-pass.bash written in python # # import os.path import subprocess import ansible.constants from ConfigParser import NoOptionError, NoSectionError pass_name = "" if os.path.isfile(".pass_path"): with open(".pass_path") as f: pass_name = f.read() elif ansible.constants.CONFIG_FILE: try: pass_name = ansible.constants.p.get("pass", "vault") except NoOptionError: pass except NoSectionError: pass else: pass if pass_name: c = subprocess.call(["pass", pass_name]) exit(c) -
Oct 31, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -27,11 +27,11 @@ if [ -e .pass_path ] ; then elif [ -e ansible.cfg ] ; then p=$(git config -f ansible.cfg --get pass.vault) else exit 0 fi if [ ! -z "$p" ] ; then exec pass "$p" else exit 1 fi -
Oct 31, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -33,5 +33,5 @@ fi if [ ! -z "$p" ] ; then exec pass "$p" else exit 0 fi -
Oct 29, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -18,7 +18,7 @@ set -e # like this: # `ansible-playbook site.yml --vault-password-file ~/bin/ansible-vault-pass` # or `ansible-vault edit --vault-password-file ~/bin/ansible-vault-pass example.yml` # Even more practical: `export ANSIBLE_VAULT_PASSWORD_FILE=~/bin/ansible-vault-pass` then it will # be used by default without specifying it. -
Oct 29, 2016 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,11 +1,12 @@ #!/bin/bash set -e # # Written by Thomas Kerpe <[email protected]> - Public Domain # # Small helper script for usage with ansible-vault and ansible-playbook # together with [pass](https://www.passwordstore.org/) # # Say you have stored the vault-password for the current ansible playbook in pass # under the name `ansible/demo/vault` then either add a .pass_path file with the content # `ansible/demo/vault` or add a entry in the ansible.cfg: -
Oct 29, 2016 . 1 changed file with 0 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -34,7 +34,3 @@ if [ ! -z "$p" ] ; then else exit 1 fi -
Oct 29, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,7 @@ # ``` # [pass] # vault=ansible/demo/vault # ``` # Now you can call ansible-vault-pass to get the password for the vault. It is especially useful # like this: # `ansible-playbook site.yml --vault-password-file ~/bin/ansible-vault-pass` -
Oct 29, 2016 . No changes.There are no files selected for viewing
-
Oct 29, 2016 . No changes.There are no files selected for viewing
-
Oct 29, 2016 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,8 @@ # # Written by Thomas Kerpe <[email protected]> - Public Domain # # Small helper script for usage with ansible-vault and ansible-playbook # together with [pass](https://www.passwordstore.org/) # # Say you have stored the vault-password for the current ansible playbook in pass # under the name `ansible/demo/vault` then either add a .pass_path file with the content -
Oct 29, 2016 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,7 +16,8 @@ # like this: # `ansible-playbook site.yml --vault-password-file ~/bin/ansible-vault-pass` # or `ansible-vault edit --vault-password-file ~/bin/ansible-vault-pass example.yml` # Even more practival: `export ANSIBLE_VAULT_PASSWORD_FILE=~/bin/ansible-vault-pass` then it will # be used by default without specifying it. if [ -e .pass_path ] ; then -
Oct 29, 2016 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,38 @@ #!/bin/bash # # Written by Thomas Kerpe <[email protected]> - Public Domain # # Small helper script for usage with ansible-vault and ansible-playbook together with pass # # Say you have stored the vault-password for the current ansible playbook in pass # under the name `ansible/demo/vault` then either add a .pass_path file with the content # `ansible/demo/vault` or add a entry in the ansible.cfg: # ``` # [pass] # vault=ansible/demo/vault # # Now you can call ansible-vault-pass to get the password for the vault. It is especially useful # like this: # `ansible-playbook site.yml --vault-password-file ~/bin/ansible-vault-pass` # or `ansible-vault edit --vault-password-file ~/bin/ansible-vault-pass example.yml` # if [ -e .pass_path ] ; then p=$(cat .pass_path) elif [ -e ansible.cfg ] ; then p=$(git config -f ansible.cfg --get pass.vault) else exit 1 fi if [ ! -z "$p" ] ; then exec pass "$p" else exit 1 fi