diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2016-08-15 11:22:40 +0100 |
---|---|---|
committer | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2016-08-15 14:42:22 +0100 |
commit | afacdf1e7cf93722a531079217b73975eb625f3e (patch) | |
tree | 87f2a15bb1ec3b29f79f9aea83ff544a5ba91e03 /baserock_trove | |
parent | 4ecfb404b2d53425c3a3a07e251c100d6c3a89c0 (diff) | |
download | infrastructure-afacdf1e7cf93722a531079217b73975eb625f3e.tar.gz |
Use Ansible Vaults to contain secret files/variables
Having them in files lying around in a local repository
is dangerous, they could be commited and pushed by accident.
Also, having these files in a mail is not good either, and makes
this repository complicated to use for us.
Change-Id: I644e1fb8228e3cb081a004547abaf654e9c449b7
Diffstat (limited to 'baserock_trove')
-rw-r--r-- | baserock_trove/configure-trove.yml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/baserock_trove/configure-trove.yml b/baserock_trove/configure-trove.yml index f832e810..2f3434cd 100644 --- a/baserock_trove/configure-trove.yml +++ b/baserock_trove/configure-trove.yml @@ -21,7 +21,7 @@ # course). - name: Install SSL certificate copy: - src: ../private/baserock.org-ssl-certificate-temporary-dsilverstone.pem + content: "{{ lookup('file', '../private/baserock.org-ssl-certificate-temporary-dsilverstone.pem') }}" dest: /etc/trove/baserock.pem mode: 400 @@ -37,7 +37,7 @@ - name: Copy ssh keys copy: - src: ../private/{{ item }} + content: "{{ lookup('file', '../private/{{ item }}') }}" dest: /etc/trove/{{ item }} with_items: - admin.key.pub |