Protect vault secret with GPG
Encrypting the vault password with GPG protects the key when stored on disk and allows it to be accessed non-interactively, as long as the GnuPG agent is set up correctly.
This commit is contained in:
@@ -6,3 +6,5 @@ inventory = hosts
|
||||
gathering = smart
|
||||
fact_caching = jsonfile
|
||||
fact_caching_connection = .fact-cache
|
||||
|
||||
vault_password_file = .vault-secret.sh
|
||||
|
||||
Reference in New Issue
Block a user