Commit d55d5757 authored by Florian Pritz's avatar Florian Pritz
Browse files

Document vault key change workflow


Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 592765f5
...@@ -77,3 +77,14 @@ The following steps should be used to update our managed servers: ...@@ -77,3 +77,14 @@ The following steps should be used to update our managed servers:
- /~user/ webhost - /~user/ webhost
- irc bot (phrik) - irc bot (phrik)
- quassel core - quassel core
## Ansible repo workflows
### Replace vault password and change vaulted passwords
- Generate a new key and save it as ./new-vault-pw: `pwgen -s 64 1 > new-vault-pw`
- `for i in $(ag ANSIBLE_VAULT -l); do ansible-vault rekey --new-vault-password-file new-vault-pw $i; done`
- Change the key in misc/vault-password.gpg
- `rm new-vault-pw`
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment