60 lines
1.7 KiB
Markdown
60 lines
1.7 KiB
Markdown
# Ansible: Vault Password File Not Found
|
|
|
|
## Error
|
|
|
|
```
|
|
[WARNING]: Error getting vault password file (default): The vault password file /Users/majorlinux/.ansible/vault_pass was not found
|
|
[ERROR]: The vault password file /Users/majorlinux/.ansible/vault_pass was not found
|
|
```
|
|
|
|
## Cause
|
|
|
|
Ansible is configured to look for a vault password file at `~/.ansible/vault_pass`, but the file does not exist. This is typically set in `ansible.cfg` via the `vault_password_file` directive.
|
|
|
|
## Solutions
|
|
|
|
### Option 1: Remove the vault config (if you're not using Vault)
|
|
|
|
Check your `ansible.cfg` for this line and remove it if Vault is not needed:
|
|
|
|
```ini
|
|
[defaults]
|
|
vault_password_file = ~/.ansible/vault_pass
|
|
```
|
|
|
|
### Option 2: Create the vault password file
|
|
|
|
```bash
|
|
echo 'your_vault_password' > ~/.ansible/vault_pass
|
|
chmod 600 ~/.ansible/vault_pass
|
|
```
|
|
|
|
> **Security note:** Keep permissions tight (`600`) so only your user can read the file. The actual vault password is stored in Bitwarden under the "Ansible Vault Password" entry.
|
|
|
|
### Option 3: Pass the password at runtime (no file needed)
|
|
|
|
```bash
|
|
ansible-playbook test.yml --ask-vault-pass
|
|
```
|
|
|
|
## Diagnosing the Source of the Config
|
|
|
|
To find which config file is setting `vault_password_file`, run:
|
|
|
|
```bash
|
|
ansible-config dump --only-changed
|
|
```
|
|
|
|
This shows all non-default config values and their source files. Config is loaded in this order of precedence:
|
|
|
|
1. `ANSIBLE_CONFIG` environment variable
|
|
2. `./ansible.cfg` (current directory)
|
|
3. `~/.ansible.cfg`
|
|
4. `/etc/ansible/ansible.cfg`
|
|
|
|
## Related
|
|
|
|
- [Ansible Getting Started](../01-linux/shell-scripting/ansible-getting-started.md)
|
|
- Vault password is stored in Bitwarden under **"Ansible Vault Password"**
|
|
- Ansible playbooks live at `~/MajorAnsible` on MajorAir/MajorMac
|