Marty Oehme
0de79fc1d2
Instead of having the file statically (and plain-text) in the repo itself, we simply query `pass` for it instead. Slightly cumbersome syntax since ansible (afaik) does not allow a similar easy variable-enabled lookup as for become passwords, so we also whipped it into a justfile to not have to type it each time. The command line uses cat to receive the password as a 'file' on stdin.
2 lines
117 B
Makefile
2 lines
117 B
Makefile
deploy:
|
|
pass show hosting/ansible/bob/vault-password | ansible-playbook --vault-password-file=/bin/cat site.yaml
|