36 lines
1.1 KiB
Plaintext
36 lines
1.1 KiB
Plaintext
# agent-secret-vault installer env template
|
|
#
|
|
# Usage:
|
|
# cp install.env.example install.env
|
|
# editor install.env
|
|
# ./scripts/install-vault-pass.sh
|
|
#
|
|
# Keep real install.env private. It may contain secrets.
|
|
|
|
# Where to install/read the Ansible Vault password file.
|
|
VAULT_PASS_FILE="$HOME/.config/vault-pass.txt"
|
|
|
|
# Choose one method: create | manual | url | archive
|
|
# Leave empty for interactive menu.
|
|
INSTALL_VAULT_PASS_METHOD=""
|
|
|
|
# Method: manual
|
|
# Direct vault-pass.txt content. Avoid this unless running in a secure local shell.
|
|
VAULT_PASS_CONTENT=""
|
|
|
|
# Method: url
|
|
# One-time HTTPS URL containing vault-pass.txt.
|
|
VAULT_PASS_URL=""
|
|
|
|
# Method: archive
|
|
# Password-protected zip path defaults to secrets/vault-pass.txt.zip.
|
|
# Put the ZIP ARCHIVE PASSWORD in a local plaintext file when possible.
|
|
# This must be a small text file containing only the zip password.
|
|
# Do NOT point this to secrets/vault-pass.txt.zip, ~/.config/vault-pass.txt,
|
|
# a private key, or any binary/archive file.
|
|
VAULT_PASS_ZIP_PASSWORD_FILE=""
|
|
|
|
# Method: archive fallback
|
|
# Inline zip password. Avoid in shared shells/logging environments.
|
|
VAULT_PASS_ZIP_PASSWORD=""
|