Commit 8b737a63 authored by julian.gethmann's avatar julian.gethmann
Browse files

Change the vault location also in the bootstrapping section

parent 5f7e95bf
...@@ -113,7 +113,7 @@ The prompts `#` show that you are working at root. ...@@ -113,7 +113,7 @@ The prompts `#` show that you are working at root.
**Warning** Please run the following commands just once! In case anything went wrong, follow the instructions of [Decommission/Uninstall a host](#decommissionuninstall-a-host) **Warning** Please run the following commands just once! In case anything went wrong, follow the instructions of [Decommission/Uninstall a host](#decommissionuninstall-a-host)
* Get a Kerberos ticket (``obelix# kinit -f admin@LAS.KIT.EDU``) * Get a Kerberos ticket (``obelix# kinit -f admin@LAS.KIT.EDU``)
* Go to ansible, by `cd /root/ansible` * Go to ansible, by `cd /root/ansible`
* Run `ansible-playbook -l lasXXX.las.kit.edu add_ipa_host.yml --vault-id @prompt` * Run `ansible-playbook -l lasXXX.las.kit.edu add_ipa_host.yml --vault-password-file password`
and provide the root password for the new host. and provide the root password for the new host.
...@@ -123,8 +123,8 @@ You may also want to save and run the sudo rule for one user and computer (snipp ...@@ -123,8 +123,8 @@ You may also want to save and run the sudo rule for one user and computer (snipp
* edit the ``add_ipa_host.yml`` and uncomment the uninstall step in it. * edit the ``add_ipa_host.yml`` and uncomment the uninstall step in it.
## Edit encrypted files ## Edit encrypted files
* You can either use `ansible-vault edit --vault-id @prompt group_vars/all/vault.yml` to edit the file in your editor mentioned in the `$EDITOR` environment variable or * You can either use `ansible-vault edit --vault-password-file group_vars/all/vault.yml` to edit the file in your editor mentioned in the `$EDITOR` environment variable or
* you can decrypt the file `ansible-vault decrypt --vault-id @prompt group_vars/all/vault.yml`, edit the file and encrypt it again `ansible-vault encrypt --ask-vault-pass group_vars/all/vault.yml` * you can decrypt the file `ansible-vault decrypt --vault-password-file password group_vars/all/vault.yml`, edit the file and encrypt it again `ansible-vault encrypt --ask-vault-pass group_vars/all/vault.yml`
The first one is of cause the preferred one, because there is no risk to add a unencrypted file to the repo. The first one is of cause the preferred one, because there is no risk to add a unencrypted file to the repo.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment