MohamedAlaa

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname

tristanfisher

Working with ansible-vault

---

I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.

What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.

Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.

noah

#!/bin/sh

KEYDIR=~/.ssh/keys.d/github-deploy
CONFDIR=~/.ssh/config.d/github-deploy

github_username=noah
github_access_token=$(cat ~/.secret/github_access_token)

rp=$(git rev-parse --is-inside-work-tree 2>/dev/null)

hvanderlaan

Ansible vault example

New in Ansible 1.5, “Vault” is a feature of ansible that allows keeping sensitive data such as passwords or keys in encrypted files, rather than as plaintext in your playbooks or roles. These vault files can then be distributed or placed in source control. To enable this feature, a command line tool, ansible-vault is used to edit files, and a command line flag –ask-vault-pass or –vault-password-file is used. Alternately, you may specify the location of a password file or command Ansible to always prompt for the password in your ansible.cfg file. These options require no command line flag usage.

Requirements

• ansible > 1.5
• openssl
• inventory file
• host_vars or group_vars
• ansible directory best practices structure