Ansible Vault with Ansible 2.0.0.2 copying encrypted files to server

Ash_Matadeen · April 3, 2016, 1:11pm

Has anyone else experienced this issue with ansible vault when provisioning?

The task:

name: set up bitbucket key
copy: src=roles/users/files/{{ item.username }}/bitbucket dest=/home/{{ item.username }}/.ssh/bitbucket owner=ash group=ash mode=0644
with_items: users

“src=roles/users/files/{{ item.username }}/bitbucket” is a file encrypted with ansible vault and is the only encrypted file in the playbook.

Provisioning with:
ansible-playbook -i ansible/production_inventory -l webservers ansible/playbook.yml --vault-password-file=~/.ansible_vault_pass.txt
does copy the file to the server but the file remains encrypted.

Brian_Coca · April 4, 2016, 1:55pm

Currently vault only works for variables, not actual files being copied. There are a couple of pull requests that implement this in the queue.

The way to currently make this work, is to assign the content of the files into a variable that is then put in an encrypted vars file and use the copy: content='{{varname}}' ....

Ash_Matadeen · April 5, 2016, 9:06am

Thanks Brian, that all makes sense now!

Topic		Replies	Views
file in vault (ssh private key) Ansible Project	12	4	March 28, 2014
encryption Ansible Project	3	0	February 17, 2015
Is there a task/module to create a vaulted file? Ansible Project	4	2	May 28, 2024
using copy module, with_items and a vault Ansible Project	2	1	September 25, 2014
Vault support for binary files Ansible Developer	5	0	August 28, 2015

Ansible Vault with Ansible 2.0.0.2 copying encrypted files to server

Related topics