> > First: Why does a task in /roles/provision_ec2/main.yml not automatically > load a dictionary (or any list I presume) from > /roles/provision_ec2/vars/developer_list.yml? Obviously vars/main.yml is > going to get extremely crowded over time, do I have to load any var file not > named 'main.yml' manually? it does, as long as oyoou import the role, if you are using an include directly to tasks/main.yml you bypass role semantics and it won't get loaded.
> Second: If I have added /group_vars/all/settings.yml to the ansible-vault, > and run a playbook which doesn't call any variables from that file, I have > realized I need to put in the vault password every time. It of course makes > sense to me why this happens (because /all is loaded every time), but is > still annoying. Is there a better way to structure my directories to avoid > putting the password in every time? Or do I need to just keep it in another > directory and manually load it when necessary? how would Ansible know that a variable inside that file is not used if it does not decrypt the file to see which variables it has? If you don't want a vault used in every play, don't put it in inventory, reference it in vars_files: in the plays that need it or set it in a group_vars dir adjacent to the plays that need it. -- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJ5XC8mo1YRc5AdCjK%3DdzhyghEjgR38%2B2%3D87%2BoXbRLOzfJrpqw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
