Ansible - Load vault password from keepass

For local playbooks using vaults, I tend to store the vault password in keepassxc. You can use the following method to retrieve the vault password directly from ansible In ~/bin/get_keepass_password.py: add the script to get the password from keepassxc: from pathlib import Path class IncorrectPassword(Exception): pass def get_keepass_password(keepass_database_path: Path, keepass_entry_name: str): import os # --- # KEEPASS PASSWORD try: keepass_password = os.environ['KEEPASS_PASSWORD'] password_provided_by_environment = True except KeyError: keepass_password = input(f'Keepass password for file {keepass_database_path....

May 17, 2023 · 3 min · Jonas DOREL

Ansible - Advanced setup

With the introduction of collections, some content can be migrated in your own collection. This is especially useful when important content from multiple sources. Also, as your ansible repo starts growing, you might not want to mix your inventories with your playbooks in the root folder. Note: this post was initially a documentation PR on github Advanced directory layout With this setup, the root of your repo is quiet simple:...

September 19, 2021 · 2 min · Jonas DOREL

Ansible - Organize your playbooks

Once you start having a lot of playbooks and some reusable tasks, you might want to organize them:: playbooks/ tools/ # Used to manipulate some hosts. Ex: ping, show_groups actions/ # For actions. Ex: update, sync, restart, ... provisionning/ # Run once provisionning playbooks. Ex: configure ssh, install python, ... hosts/ # For playbooks manipulating a single host service/ # Content related to a service manipulation. Ex: deploy monitoring on all hosts ....

September 19, 2021 · 1 min · Jonas DOREL

Ansible - Use absolute path references

Rearrange your tasks and playbooks easily with absolute paths

September 19, 2021 · 1 min · Jonas DOREL