From 55588ddc91c55db0d8892d271d3bf7e88cfc1c28 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Tue, 4 May 2021 23:56:28 +0300
Subject: [PATCH] Fetch the Vault password from the Keepass database.

---
 ansible.cfg    | 1 +
 vault-passhole | 4 ++++
 2 files changed, 5 insertions(+)
 create mode 100755 vault-passhole

diff --git a/ansible.cfg b/ansible.cfg
index d8ca0fd..88f7e5c 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -12,6 +12,7 @@ pipelining = True
 retry_files_save_path = /tmp/
 system_warnings = True
 unparsed_is_failed = True
+vault_password_file = vault-passhole
 verbosity = 2
 
 [inventory]
diff --git a/vault-passhole b/vault-passhole
new file mode 100755
index 0000000..746cbc0
--- /dev/null
+++ b/vault-passhole
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+ph show --field Password "${VAULT_PASSWORD_PATH:-shore.co.il/Ansible vault}"
-- 
GitLab