admin管理员组

文章数量:1333195

I have 2 jinja templates containing private key:

  • private.key (encrypted)
  • private-copy.key (need to include content of private.key)

private.key file is encrypted using ansible vault, e.g.

ansible-vault encrypt --vault-password-file ~/.pass.txt private.key

so its content looks like this:

$ANSIBLE_VAULT;1.1;AES256
123456789[...]

I'm trying to get the decrypted content of private.key

-----BEGIN RSA PRIVATE KEY-----
ABCDEfgh[...]
-----END RSA PRIVATE KEY-----

inside private-copy.key (and not its encrypted value).

I've tried the include jinja statement inside private-copy.key:

{% include "private.key" %}

but the result gives me the encrypted value in private-copy.key instead of the decrypted content of private.key.

I also know that I can use an encrypted variable and put it in private-copy.key instead of including encrypted file. For simplification purpose, I want to use directly the encrypted file (on certificates renewal, we get a file, I just wanted to use it directly).

I have 2 jinja templates containing private key:

  • private.key (encrypted)
  • private-copy.key (need to include content of private.key)

private.key file is encrypted using ansible vault, e.g.

ansible-vault encrypt --vault-password-file ~/.pass.txt private.key

so its content looks like this:

$ANSIBLE_VAULT;1.1;AES256
123456789[...]

I'm trying to get the decrypted content of private.key

-----BEGIN RSA PRIVATE KEY-----
ABCDEfgh[...]
-----END RSA PRIVATE KEY-----

inside private-copy.key (and not its encrypted value).

I've tried the include jinja statement inside private-copy.key:

{% include "private.key" %}

but the result gives me the encrypted value in private-copy.key instead of the decrypted content of private.key.

I also know that I can use an encrypted variable and put it in private-copy.key instead of including encrypted file. For simplification purpose, I want to use directly the encrypted file (on certificates renewal, we get a file, I just wanted to use it directly).

  • ansible
  • jinja2
  • ansible-vault
Share Improve this question asked Nov 20, 2024 at 15:50 TitouTitou 4143 silver badges15 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 2

Use the file lookup plugin: Ansible allows you to read the content of a file using the lookup('file', ...) plugin. When combined with ansible-vault for encrypted files, it automatically decrypts the content if the file is encrypted.

# This is private-copy.key
{{ lookup('file', 'private.key') }}

本文标签: jinja2How to include encrypted file in Ansible jinja templateStack Overflow

版权声明:本文标题:jinja2 - How to include encrypted file in Ansible jinja template? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742347240a2457770.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。