Hi,
I’m wondering what the best practice would be for a role which should allow the user to set a password and to store their password inside an encrypted vault.
No one wants to store their passwords in plaintext. That’s what ansible-vault is made for. But I differ between data which can be public because I don’t care about it and data which should be keeped secret like passwords. So inside my host_vars and group_vars I store everything which can be public.
I have another folder with secret_vars where I crypt my passwords. But how can get them in my role available?
Cheers
Flo