secrets(role): introduce secrets role for storing secrets
Some checks failed
/ Ansible Lint (push) Successful in 2m18s
/ build (push) Failing after 2m40s

Allows storage of secrets to then be referenced in other places.
The motivation was storing WireGuard secrets for systemd-networkd.
June 2026-05-23 22:40:17 +02:00
commit 4574dbf4ba
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
8 changed files with 97 additions and 0 deletions

roles/secrets/README.md Normal file

@ -0,0 +1,24 @@
# Role `secrets`
Allows storing the given secret contents in the configured files.
## Supported Distributions
Should work on Debian-based distributions.
## Required Arguments
None.
## Optional Arguments
- `secrets__secrets`: List of secrets.
Defaults to the empty list (`[ ]`).
- `secrets__secrets.*.name`: (File)name for the secret (in the `/etc/ansible_secrets` directory).
- `secrets__secrets.*.content`: The secret content to store.
- `secrets__secrets.*.owner`: The owner of the secret file.
Defaults to `root`.
- `secrets__secrets.*.group`: The group of the secret file.
Defaults to `root`.
- `secrets__secrets.*.mode`: The mode of the secret file.
Defaults to `0640`.
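
Review bot: The `secrets__secrets.*.content` entry under "Optional Arguments" does not say where the value is expected to come from or whether the role keeps it out of task output. Please document that the content should be supplied from an encrypted source such as an Ansible Vault variable, and state whether the writing task sets `no_log: true`, so users know the secret will not appear in logs or diffs. The README also gives owner, group and mode for each file but not for the `/etc/ansible_secrets` directory itself; stating the directory's permissions would make it clear whether secret names are listable by unprivileged users. Since the defaults are `root`/`root`/`0640`, a short usage example that sets `group` for a non-root consumer (the commit message names systemd-networkd as the motivating case) would show how the file is meant to be made readable to a service. It would also help to say whether `name` must be a plain file name, that is, whether values containing `/` or `..` are rejected.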