From afacdf1e7cf93722a531079217b73975eb625f3e Mon Sep 17 00:00:00 2001
From: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Date: Mon, 15 Aug 2016 11:22:40 +0100
Subject: Use Ansible Vaults to contain secret files/variables

Having them in files lying around in a local repository
is dangerous, they could be commited and pushed by accident.

Also, having these files in a mail is not good either, and makes
this repository complicated to use for us.

Change-Id: I644e1fb8228e3cb081a004547abaf654e9c449b7
---
 baserock_trove/configure-trove.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'baserock_trove')

diff --git a/baserock_trove/configure-trove.yml b/baserock_trove/configure-trove.yml
index f832e810..2f3434cd 100644
--- a/baserock_trove/configure-trove.yml
+++ b/baserock_trove/configure-trove.yml
@@ -21,7 +21,7 @@
   # course).
     - name: Install SSL certificate
       copy:
-        src: ../private/baserock.org-ssl-certificate-temporary-dsilverstone.pem
+        content: "{{ lookup('file', '../private/baserock.org-ssl-certificate-temporary-dsilverstone.pem') }}"
         dest: /etc/trove/baserock.pem
         mode: 400
 
@@ -37,7 +37,7 @@
 
     - name: Copy ssh keys
       copy:
-        src: ../private/{{ item }}
+        content: "{{ lookup('file', '../private/{{ item }}') }}"
         dest: /etc/trove/{{ item }}
       with_items:
         - admin.key.pub
-- 
cgit v1.2.1