From 8851a17a26fc0c21a15cf3380e3a0bb93a4b2f1a Mon Sep 17 00:00:00 2001
From: Alex Kotov <kotovalexarian@gmail.com>
Date: Sun, 5 Jul 2020 00:28:37 +0500
Subject: [PATCH] Use multiple vault IDs with password files

---
 .gitignore           |  2 ++
 ansible.cfg          |  1 -
 bin/ansible          |  8 ++++++++
 bin/ansible-playbook |  8 ++++++++
 bin/extra_opts.sh    | 12 ++++++++++++
 secrets/.keep        |  0
 6 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100755 bin/ansible
 create mode 100755 bin/ansible-playbook
 create mode 100644 bin/extra_opts.sh
 create mode 100644 secrets/.keep

diff --git a/.gitignore b/.gitignore
index 35879b8..fd6a1b0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,7 @@
 /backups/*
 !/backups/.keep
 /playbooks/**/*.retry
+/secrets/*
+!/secrets/.keep
 /vendor/*
 !/vendor/.keep
diff --git a/ansible.cfg b/ansible.cfg
index b881f87..77af9fc 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,5 +1,4 @@
 [defaults]
-ask_vault_pass = true
 inventory = hosts
 strategy = mitogen_linear
 strategy_plugins = vendor/mitogen-0.2.8/ansible_mitogen/plugins/strategy
diff --git a/bin/ansible b/bin/ansible
new file mode 100755
index 0000000..97f3ed4
--- /dev/null
+++ b/bin/ansible
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+FILE=$(readlink -f "$0")
+DIR=$(dirname "$FILE")
+
+. "$DIR/extra_opts.sh"
+
+exec ansible "$@" $extra_opts
diff --git a/bin/ansible-playbook b/bin/ansible-playbook
new file mode 100755
index 0000000..933a0a1
--- /dev/null
+++ b/bin/ansible-playbook
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+FILE=$(readlink -f "$0")
+DIR=$(dirname "$FILE")
+
+. "$DIR/extra_opts.sh"
+
+exec ansible-playbook "$@" $extra_opts
diff --git a/bin/extra_opts.sh b/bin/extra_opts.sh
new file mode 100644
index 0000000..906c557
--- /dev/null
+++ b/bin/extra_opts.sh
@@ -0,0 +1,12 @@
+for vault_id in default kotovalexarian
+do
+  if [ -f "secrets/$vault_id" ]; then
+    if [ -z "$extra_opts" ]; then
+      extra_opts="--vault-id"
+    else
+      extra_opts="$extra_opts --vault-id"
+    fi
+
+    extra_opts="$extra_opts $vault_id@secrets/$vault_id"
+  fi
+done
diff --git a/secrets/.keep b/secrets/.keep
new file mode 100644
index 0000000..e69de29