ansible_vault_password_file

[fanvalt]

Hello,

I try to run a playbook to connect to a windows server with host external parameters set this way:

In my inventory file, I only want to set these parameter: ansible_host and ansible_user

[windows]

ansible_host=server.fr.test ansible_user=ansible

all parameters about connection are in the playbook/group_vars/windows.yml file this way:

ansible_vault_password_file: ~/host_vars/ansible.yml

ansible_connection: winrm

ansible_port: 5986

ansible_winrm_server_cert_validation: ignore

I had the ansible_vault_password_file , so I hope when running the playbook, the password file will be found in the playbook/host_vars/ansible.yml encrypted file.

But I receive the following error:

fatal: [test1]: UNREACHABLE! => {"changed": false, "msg": "ssl: auth method ssl requires a password", "unreachable": true}

if I set the password in the inventory file, the connection is ok.

Where am I wrong ?

Regards

[fanvalt]

with the -vvvvv option, it shows the group_vars/windows.yml is correctly read, but the ansible_vaut_password_file parameter seems to be useless:

TASK [setup] *******************************************************************

<server.fr.test> ESTABLISH WINRM CONNECTION FOR USER: ansible on PORT 5986 TO server.fr.test

<server.fr.test> WINRM CONNECT: transport=ssl endpoint=https://server.fr.test:5986/wsman

<server.fr.test> WINRM CONNECTION ERROR: auth method ssl requires a password

Here is the command to run the playbook:

ansible-playbook -i ./win.ini -vvvvv connection.yml  --ask-vault-pass

[fanvalt]

The error does occur when running the parameter on the command line:

ansible-playbook -i ./win.ini -vvvvv connection.yml  --vault-password-file ~/windows_vault/host_vars/ansible.yml

I am running Ansible version 2.1.

[fanvalt]

I misunderstood the utility of the ansible_vaut_password_file parameter which is to point at the file containing the vault password and not the password to connect.

I will rewrite the host_vars and group_vars files