|
- ---
- secrets_generators:
- - password
- #- xkcd
-
- secrets_stores:
- - facts
- - local_facts
-
- secrets_set: |-
- {
- {% for secret_name in secrets_definitions.keys() %}
- {% set secrets_definition = secrets_definitions[secret_name] %}
- {% set password_length = secrets_definition.password_length | default(secrets_default_password_length) | string %}
- {% set password_chars = secrets_definition.password_chars|default(secrets_default_password_chars) %}
- {{secret_name|to_json}}:
- {{ lookup('password', '/dev/null length='+password_length+' chars='+password_chars ) | to_json }}
- ,
- {% endfor %}
- }
-
- secrets_reset: |-
- {
- {% for secret_name in secrets_definitions.keys() %}
- {% set secrets_definition = secrets_definitions[secret_name] %}
- {% if secrets_definition.reset | default(false) %}
- {{secret_name|to_json}}: {{ secrets_set[secret_name] | to_json }},
- {% endif %}
- {% endfor %}
- }
-
- secrets_set_by_store: |-
- {
- {% for store_name in secrets_stores %}
- {{store_name|to_json}}: {
- {% for secret_name in secrets_set.keys() %}
- {% set secrets_definition = secrets_definitions[secret_name] %}
- {% if store_name == secrets_definition.store | default(secrets_default_store) %}
- {{secret_name|to_json}}: {{ secrets_set[secret_name] | to_json }},
- {% endif %}
- {% endfor %}
- },
- {% endfor %}
- }
-
- secrets_reset_by_store: |-
- {
- {% for store_name in secrets_stores %}
- {{store_name|to_json}}: {
- {% for secret_name in secrets_reset.keys() %}
- {% set secrets_definition = secrets_definitions[secret_name] %}
- {% if store_name == secrets_definition.store | default(secrets_default_store) %}
- {{secret_name|to_json}}: {{ secrets_reset[secret_name] | to_json }},
- {% endif %}
- {% endfor %}
- },
- {% endfor %}
- }
|
