devoinc.secret
Secret
The debops.secret role allows you to have a separate folder on the Ansible Controller (different from your playbook and inventory folders) that serves as a useful "workspace" for other roles.
Here are some examples of how this role can be used in DebOps:
Password retrieval: You can look up passwords from the current role or from known locations for passwords from other roles. For instance, the debops.mariadb role can manage a user account in the database with a random password, which can then be looked up by another role to include in a generated configuration file.
Secure file storage: This role can store files safely, such as application keys generated on remote servers. For example, the debops.boxbackup role fetches client keys for backup purposes. It's important to protect this secret directory, possibly using an encrypted filesystem, as there is no built-in encryption.
Secure workspace: The debops.boxbackup role uses the secret directory to create and manage a Root CA for backup servers. Client and server certificates are automatically downloaded, signed, and uploaded to target servers.
Centralized backup: Specific roles like debops.sshd, debops.pki, and debops.monkeysphere have their own task lists that can be called by custom playbooks for backing up and restoring SSH host keys and SSL certificates. The created .tar.gz files are stored in the secret directory on the Ansible Controller.
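Because the secret directory has no built-in encryption, filesystem ownership and permissions on the Ansible Controller are what stand between its plaintext passwords and keys and other local users. The following added example (not part of debops.secret or DebOps) audits a secret directory for entries accessible by group or other, entries owned by another user, and symlinks that leave the tree; the `credentials` layout and the file names in `demo()` are constructed sample data.

```python
import os
import stat
import tempfile


def audit_secret_dir(root):
    """Return sorted (relative_path, problem) findings for a secret directory."""
    root = os.path.realpath(root)
    uid = os.getuid()
    findings = []

    def check(path):
        rel = os.path.relpath(path, root)
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            # A symlink leaving the tree can expose or clobber files elsewhere.
            target = os.path.realpath(path)
            if os.path.commonpath([root, target]) != root:
                findings.append((rel, "symlink leaves secret directory"))
            return
        if st.st_uid != uid:
            findings.append((rel, "not owned by current user"))
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((rel, "accessible by group/other (mode %o)"
                             % stat.S_IMODE(st.st_mode)))

    check(root)
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow symlinks
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return sorted(findings)


def demo():
    """Audit a constructed sample tree; names and layout are hypothetical."""
    with tempfile.TemporaryDirectory() as tmp:
        cred = os.path.join(tmp, "secret", "credentials")
        os.makedirs(cred)
        os.chmod(os.path.dirname(cred), 0o700)
        os.chmod(cred, 0o700)
        for name, mode in (("mariadb_password", 0o600), ("backup_client.key", 0o644)):
            path = os.path.join(cred, name)
            with open(path, "w") as fh:
                fh.write("constructed sample value\n")
            os.chmod(path, mode)
        os.symlink(tmp, os.path.join(tmp, "secret", "escape"))
        return audit_secret_dir(os.path.join(tmp, "secret"))


if __name__ == "__main__":
    print("\n".join("%s: %s" % finding for finding in demo()))
```

Run `audit_secret_dir()` against the real secret directory as the user that runs Ansible; an empty result means every entry is owner-only and no symlink points outside the tree.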
Installation
This role requires at least Ansible version v2.0.0. To install it, use the following command:
ansible-galaxy install debops.secret
Documentation
For more details about debops.secret, check the official documentation.
Using this as a standalone role?
If you are using this role independently without DebOps, you may need to include additional roles from the DebOps common playbook into your playbook.
Explore DebOps now for a complete solution for managing your Debian-based infrastructure.
Authors and License
License: GPLv3
This role is part of DebOps. This README was generated by ansigenome.
Manage sensitive data in a separate directory relative to Ansible inventory
ansible-galaxy install devoinc.secret