mateusz/portfolio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
35e6b139fc86cbec4334580bcd707905e025e067
portfolio/professional-infra/linux-operations-automation/VAULT_GUIDE.md
T
Mateusz Suski 35e6b139fc
ci / validate (push) Failing after 1m8s
Details
Initial CV-aligned infrastructure portfolio 
Rework portfolio around Linux operations, Zabbix monitoring, migration validation, and ELK/Grafana log observability.

Add AAP-style LVM resize workflow, Zabbix server/proxy/agent automation assets, Linux/AIX monitoring templates, and updated validation CI.
2026-05-04 17:37:24 +00:00

1.1 KiB
Raw Blame History

Vault Configuration Guide

Overview

The current portfolio demo does not require Ansible Vault for make test or make demo. Secrets are intentionally kept out of the main validation path so reviewers can run the project offline.

Use Vault only when extending the simulator to manage real hosts or credentials.

Recommended Pattern

  1. Start from the example file:
cp group_vars/vault.example.yml group_vars/vault.yml

  1. Replace placeholder values locally.

  2. Encrypt the file before using it with real systems:

ansible-vault encrypt group_vars/vault.yml
  1. Do not commit real secret values. Keep group_vars/vault.example.yml as the committed reference.

Running With Vault

ansible-playbook -i inventory/hosts.ini playbooks/provision.yml --ask-vault-pass

or:

ansible-playbook -i inventory/hosts.ini playbooks/provision.yml --vault-password-file ~/.vault_pass.txt

Notes

  • The delivered playbooks do not import a vault file by default.
  • Add vars_files only in an environment-specific branch or private overlay.
  • Prefer a secret manager or automation controller for production use.
Reference in New Issue View Git Blame Copy Permalink