~canonical-ci-engineering/ubuntu-ci-services-itself/ansible

Viewing changes to docs/man/man1/ansible-vault.1

Committer: Package Import Robot
Author(s): Harlan Lieberman-Berg
Date: 2014-04-01 22:00:24 UTC
mfrom: (1.1.9)
Revision ID: package-import@ubuntu.com-20140401220024-jkxyhf2ggcv7xmqa

Tags: 1.5.4+dfsg-1

http://bugs.debian.org/743027

* Pull missing manpages from upstream development branch.
* New upstream version 1.5.4, security update.
* Add patch to correct directory_mode functionality. (Closes: #743027)

files added:
.pc/743027-fix.patch

.pc/743027-fix.patch/lib

.pc/743027-fix.patch/lib/ansible

.pc/743027-fix.patch/lib/ansible/module_utils

.pc/743027-fix.patch/lib/ansible/module_utils/basic.py

.pc/ansible-galaxy-manpage.patch

.pc/ansible-galaxy-manpage.patch/Makefile

.pc/ansible-galaxy-manpage.patch/docs

.pc/ansible-galaxy-manpage.patch/docs/man

.pc/ansible-galaxy-manpage.patch/docs/man/man1

.pc/ansible-galaxy-manpage.patch/docs/man/man1/ansible-galaxy.1

.pc/ansible-galaxy-manpage.patch/docs/man/man1/ansible-galaxy.1.asciidoc.in

.pc/ansible-vault-manpage.patch

.pc/ansible-vault-manpage.patch/Makefile

.pc/ansible-vault-manpage.patch/docs

.pc/ansible-vault-manpage.patch/docs/man

.pc/ansible-vault-manpage.patch/docs/man/man1

.pc/ansible-vault-manpage.patch/docs/man/man1/ansible-vault.1

.pc/ansible-vault-manpage.patch/docs/man/man1/ansible-vault.1.asciidoc.in

debian/patches/743027-fix.patch

debian/patches/ansible-galaxy-manpage.patch

debian/patches/ansible-vault-manpage.patch

docs/man/man1/ansible-galaxy.1

docs/man/man1/ansible-galaxy.1.asciidoc.in

docs/man/man1/ansible-vault.1

docs/man/man1/ansible-vault.1.asciidoc.in

files modified:
.pc/applied-patches

CHANGELOG.md

Makefile

RELEASES.txt

VERSION

debian/ansible.manpages

debian/changelog

debian/copyright

debian/patches/series

docsite/rst/playbooks_variables.rst

lib/ansible/__init__.py

lib/ansible/module_utils/basic.py

lib/ansible/playbook/__init__.py

lib/ansible/playbook/play.py

lib/ansible/runner/__init__.py

lib/ansible/utils/__init__.py

library/packaging/apt_repository

packaging/debian/changelog

packaging/rpm/ansible.spec

Show diffs side-by-side

added added

removed removed

docs/man/man1/ansible-vault.1

'\" t

.\" Title: ansible-vault

.\" Author: [see the "AUTHOR" section]

.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>

.\" Date: 03/17/2014

.\" Manual: System administration commands

.\" Source: Ansible 1.6

.\" Language: English

.\"

.TH "ANSIBLE\-VAULT" "1" "03/17/2014" "Ansible 1\&.6" "System administration commands"

.\" -----------------------------------------------------------------

.\" * Define some portability stuff

.\" -----------------------------------------------------------------

.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.\" http://bugs.debian.org/507673

.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html

.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.ie \n(.g .ds Aq \(aq

.el .ds Aq '

.\" -----------------------------------------------------------------

.\" * set default formatting

.\" -----------------------------------------------------------------

.\" disable hyphenation

.nh

.\" disable justification (adjust text to left margin only)

.ad l

.\" -----------------------------------------------------------------

.\" * MAIN CONTENT STARTS HERE *

.\" -----------------------------------------------------------------

.SH "NAME"

ansible-vault \- manage encrypted YAML data\&.

.SH "SYNOPSIS"

.sp

ansible\-vault [create|decrypt|edit|encrypt|rekey] [\-\-help] [options] file_name

.SH "DESCRIPTION"

.sp

\fBansible\-vault\fR can encrypt any structured data file used by Ansible\&. This can include \fBgroup_vars/\fR or \fBhost_vars/\fR inventory variables, variables loaded by \fBinclude_vars\fR or \fBvars_files\fR, or variable files passed on the ansible\-playbook command line with \fB\-e @file\&.yml\fR or \fB\-e @file\&.json\fR\&. Role variables and defaults are also included!

.sp

Because Ansible tasks, handlers, and so on are also data, these can also be encrypted with vault\&. If you\(cqd like to not betray what variables you are even using, you can go as far to keep an individual task file entirely encrypted\&.

.SH "COMMON OPTIONS"

.sp

The following options are available to all sub\-commands:

.PP

\fB\-\-vault\-password\-file=\fR\fIFILE\fR

.RS 4

A file containing the vault password to be used during the encryption/decryption steps\&. Be sure to keep this file secured if it is used\&.

.RE

.PP

\fB\-h\fR, \fB\-\-help\fR

.RS 4

Show a help message related to the given sub\-command\&.

.RE

.PP

\fB\-\-debug\fR

.RS 4

Enable debugging output for troubleshooting\&.

.RE

.SH "CREATE"

.sp

\fB$ ansible\-vault create [options] FILE\fR

.sp

The \fBcreate\fR sub\-command is used to initialize a new encrypted file\&.

.sp

First you will be prompted for a password\&. The password used with vault currently must be the same for all files you wish to use together at the same time\&.

.sp

After providing a password, the tool will launch whatever editor you have defined with $EDITOR, and defaults to vim\&. Once you are done with the editor session, the file will be saved as encrypted data\&.

.sp

The default cipher is AES (which is shared\-secret based)\&.

.SH "EDIT"

.sp

\fB$ ansible\-vault edit [options] FILE\fR

.sp

The \fBedit\fR sub\-command is used to modify a file which was previously encrypted using ansible\-vault\&.

.sp

This command will decrypt the file to a temporary file and allow you to edit the file, saving it back when done and removing the temporary file\&.

.SH "REKEY"

.sp

*$ ansible\-vault rekey [options] FILE_1 [FILE_2, \&..., FILE_N]

.sp

The \fBrekey\fR command is used to change the password on a vault\-encrypted files\&. This command can update multiple files at once, and will prompt for both the old and new passwords before modifying any data\&.

.SH "ENCRYPT"

.sp

*$ ansible\-vault encrypt [options] FILE_1 [FILE_2, \&..., FILE_N]

.sp

The \fBencrypt\fR sub\-command is used to encrypt pre\-existing data files\&. As with the \fBrekey\fR command, you can specify multiple files in one command\&.

.SH "DECRYPT"

.sp

*$ ansible\-vault decrypt [options] FILE_1 [FILE_2, \&..., FILE_N]

.sp

The \fBdecrypt\fR sub\-command is used to remove all encryption from data files\&. The files will be stored as plain\-text YAML once again, so be sure that you do not run this command on data files with active passwords or other sensitive data\&. In most cases, users will want to use the \fBedit\fR sub\-command to modify the files securely\&.

.SH "AUTHOR"

.sp

Ansible was originally written by Michael DeHaan\&. See the AUTHORS file for a complete list of contributors\&.

.SH "COPYRIGHT"

.sp

Ansible is released under the terms of the GPLv3 License\&.

.SH "SEE ALSO"

100

.sp

101

\fBansible\fR(1), \fBansible\-pull\fR(1), \fBansible\-doc\fR(1)

102

.sp

103

Extensive documentation is available in the documentation site: http://docs\&.ansible\&.com\&. IRC and mailing list info can be found in file CONTRIBUTING\&.md, available in: https://github\&.com/ansible/ansible

Older »