Ansible Vault - .json not unencrypted

Question

I have a .json file which I have successfully encrypted with ansible vault:

{
  "database": {
    "username": "root",
    "password": "mypassword",
    "host": "127.0.0.1:3306",
    "name": "database"
  }
}

Encrypted with: ansible-vault encrypt config.json

Run ansible playbook with: ansible-playbook -i hosts playbook.yml --ask-vault-pass

Enter the same password and the playbook runs but the files aren't unencrypted on the server.

Any ideas?

Look more detailed answer here: http://stackoverflow.com/questions/22773294/how-to-upload-encrypted-file-using-ansible-vault — A K, Jul 02 '16 at 18:59

score 1 · Accepted Answer · answered Oct 24 '15 at 20:09

Unfortunately you can't simply encrypt files and then transfer them over. There are a few github issues about this, but ultimately the solution is that you have to store encrypted contents of a file in a variable or use the lookup plugin to get the file contents and put them remotely.

The encrypted variable should be self-explanatory. Here's a quick example of using the lookup plugin:

- copy: 
    content: "{{ lookup('file', 'files/deepest/darkest/secrets') }}" 
    dest: /remote/unencrypted/destination

Ansible Vault - .json not unencrypted

1 Answers1