23 lines
704 B
YAML
23 lines
704 B
YAML
---
|
|
- name: Check if moreutils is installed
|
|
become: true
|
|
dnf5: name=moreutils state=present
|
|
when: ansible_distribution == "Fedora"
|
|
|
|
- name: Check if moreutils is installed
|
|
become: false
|
|
pacman: name=moreutils state=present
|
|
when: ansible_distribution == "Archlinux"
|
|
|
|
- name: Reencrypt vault {{ vault_id }} key
|
|
shell: |
|
|
set -eo pipefail
|
|
age \
|
|
-i ~/.age/ansible-vault-pw \
|
|
--decrypt "{{ playbook_dir }}/../../misc/vault-{{ vault_id }}-password.age" \
|
|
| age --armor --encrypt \
|
|
{% for userid in vault_agekeys | flatten %}--recipient {{ userid }} {% endfor %} \
|
|
- \
|
|
| sponge "{{ playbook_dir }}/../../misc/vault-{{ vault_id }}-password.age"
|
|
changed_when: false
|