diff --git a/docs/docsite/rst/playbooks_reuse.rst b/docs/docsite/rst/playbooks_reuse.rst index 8fa12b2bf50..665a575095c 100644 --- a/docs/docsite/rst/playbooks_reuse.rst +++ b/docs/docsite/rst/playbooks_reuse.rst @@ -52,8 +52,8 @@ The primary advantage of using ``include*`` statements is looping. When a loop i Using ``include*`` does have some limitations when compared to ``import*`` statements: -* Tags which only exist inside a dynamic include will not show up in --list-tags output. -* Tasks which only exist inside a dynamic include will not show up in --list-tasks output. +* Tags which only exist inside a dynamic include will not show up in ``--list-tags`` output. +* Tasks which only exist inside a dynamic include will not show up in ``--list-tasks`` output. * You cannot use ``notify`` to trigger a handler name which comes from inside a dynamic include (see note below). * You cannot use ``--start-at-task`` to begin execution at a task inside a dynamic include. diff --git a/docs/docsite/rst/playbooks_vault.rst b/docs/docsite/rst/playbooks_vault.rst index 1e70dc069a3..d8aa64f4dda 100644 --- a/docs/docsite/rst/playbooks_vault.rst +++ b/docs/docsite/rst/playbooks_vault.rst @@ -3,9 +3,9 @@ Using Vault in playbooks .. contents:: Topics -New in Ansible 1.5, "Vault" is a feature of ansible that allows keeping sensitive data such as passwords or keys in encrypted files, rather than as plaintext in your playbooks or roles. These vault files can then be distributed or placed in source control. +Added in Ansible 1.5, "Vault" is a feature of ansible that allows keeping sensitive data such as passwords or keys in encrypted files, rather than as plaintext in your playbooks or roles. These vault files can then be distributed or placed in source control. -To enable this feature, a command line tool, `ansible-vault` is used to edit files, and a command line flag `--ask-vault-pass` or `--vault-password-file` is used. Alternately, you may specify the location of a password file or command Ansible to always prompt for the password in your ansible.cfg file. These options require no command line flag usage. +To enable this feature, a command line tool, :ref:`ansible-vault` is used to edit files, and a command line flag :option:`--ask-vault-pass ` or :option:`--vault-password-file ` is used. You can also modify your ``ansible.cfg`` file to specify the location of a password file or configure Ansible to always prompt for the password. These options require no command line flag usage. For best practices advice, refer to :ref:`best_practices_for_variables_and_vaults`. @@ -35,7 +35,7 @@ If you are using a script instead of a flat file, ensure that it is marked as ex This is something you may wish to do if using Ansible from a continuous integration system like Jenkins. -(The `--vault-password-file` option can also be used with the :ref:`ansible-pull` command if you wish, though this would require distributing the keys to your nodes, so understand the implications -- vault is more intended for push mode). +The :option:`--vault-password-file ` option can also be used with the :ref:`ansible-pull` command if you wish, though this would require distributing the keys to your nodes, so understand the implications -- vault is more intended for push mode. .. _single_encrypted_variable: @@ -66,6 +66,6 @@ Using encrypt_string ```````````````````` This command will output a string in the above format ready to be included in a YAML file. -The string to encrypt can be provided via stdin, command line args, or via an interactive prompt. +The string to encrypt can be provided via stdin, command line arguments, or via an interactive prompt. See :ref:`encrypt_string_for_use_in_yaml`. diff --git a/docs/docsite/rst/vault.rst b/docs/docsite/rst/vault.rst index 86893c966d2..a3896e4a394 100644 --- a/docs/docsite/rst/vault.rst +++ b/docs/docsite/rst/vault.rst @@ -14,12 +14,12 @@ For best practices advice, refer to :ref:`best_practices_for_variables_and_vault What Can Be Encrypted With Vault ```````````````````````````````` -The vault feature can encrypt any structured data file used by Ansible. This can include "group_vars/" or "host_vars/" inventory variables, variables loaded by "include_vars" or "vars_files", or variable files passed on the ansible-playbook command line with "-e @file.yml" or "-e @file.json". Role variables and defaults are also included! +The vault feature can encrypt any structured data file used by Ansible. This can include "group_vars/" or "host_vars/" inventory variables, variables loaded by "include_vars" or "vars_files", or variable files passed on the ansible-playbook command line with ``-e @file.yml`` or ``-e @file.json``. Role variables and defaults are also included. -Ansible tasks, handlers, and so on are also data so these can be encrypted with vault as well. To hide the names of variables that you're using, you can encrypt the task files in their entirety. However, that might be a little too much and could annoy your coworkers :) +Ansible tasks, handlers, and so on are also data so these can be encrypted with vault as well. To hide the names of variables that you're using, you can encrypt the task files in their entirety. The vault feature can also encrypt arbitrary files, even binary files. If a vault-encrypted file is -given as the 'src' argument to the :ref:`copy `, :ref:`template