From 27dac095496b284a118d4ae1e4bb78da58d3269c Mon Sep 17 00:00:00 2001
From: Timotej Lazar <timotej.lazar@fri.uni-lj.si>
Date: Tue, 13 Feb 2024 10:33:14 +0100
Subject: [PATCH] access: move secrets to password store

Keeping ansible-vault values in NetBox is too cumbersome and limited.
---
 roles/access/tasks/main.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/access/tasks/main.yml b/roles/access/tasks/main.yml
index 208435b..728016f 100644
--- a/roles/access/tasks/main.yml
+++ b/roles/access/tasks/main.yml
@@ -1,3 +1,7 @@
+- name: Get switch password
+  set_fact:
+    ansible_ssh_pass: '{{ lookup("passwordstore", "hosts/"~inventory_hostname, subkey="pass") }}'
+
 # This should be provided by the netbox inventory plugin but isn’t yet.
 # https://github.com/netbox-community/ansible_modules/issues/1007
 - name: Fetch configuration from netbox