-
Notifications
You must be signed in to change notification settings - Fork 2
/
ansible.cfg
37 lines (33 loc) · 1.29 KB
/
ansible.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
[defaults]
roles_path=roles/internal:roles/external
remote_user = root
# The default behaviour is for handlers not to get called if a playbook fails
# for any reason. Make handlers get called
force_handlers = True
### Vault password files
# Customise this list to include any files you're going to need
#
# EG if you're only administering RTK, you'll just have:
# vault_identity_list = .vault_pass.txt,rtk@.rtk-vault-pass,ec2@.ec2-vault-pass
#
# We have included Symlinks for the current password files, just make
# sure you're a member of the right groups in Keybase.
#
### Vault IDs:
#
# rtk - right-to-know secrets
# Secrets used only by RightToKnow
# ec2 - secrets used by every service running in EC2
# eg, AWS keys, the RDS hostnames
# all - secrets used across every OA service
# Currently this includes default values for certbot and backups
# default - default ID used for things that haven't been split out
# yet. This is stored in .vault_pass.txt.
#
# Over time each service may end up with its own vault ID as we
# develop an admin team for that specific service. For now, RTK is the
# only service that has such a sub-team.
vault_identity_list = .vault_pass.txt,rtk@.rtk-vault-pass,ec2@.ec2-vault-pass,all@.all-vault-pass
inventory = inventory
[ssh_connection]
pipelining = True