From 1a57617bc2438395e9e4c324b1350fccf82e6327 Mon Sep 17 00:00:00 2001
From: Thomas Constans
Date: Wed, 17 Mar 2021 23:09:08 +0100
Subject: [PATCH] solution
---
 Readme.md | 20 --------------------
 ansible_apache_formation/tasks/apache.yml | 5 ++++-
 ansible_apache_formation/vars/index.html | 1 +
 ansible_apache_formation/vars/vault.yml | 6 ++++++
 4 files changed, 11 insertions(+), 21 deletions(-)
 delete mode 100644 Readme.md
 create mode 100644 ansible_apache_formation/vars/index.html
 create mode 100644 ansible_apache_formation/vars/vault.yml
diff --git a/Readme.md b/Readme.md
deleted file mode 100644
index 3995b44..0000000
--- a/Readme.md
+++ /dev/null
@@ -1,20 +0,0 @@
-## Vault
-
-*Tâche*: Sécuriser des données sensibles
-
-*Condition*: quand on a des données / variables / mot de passe sensibles
-
-*Norme*: en utilisant les vaults
-
-## Pratique:
-
-Le mot de passe protégeant l'accès au répertoire /Private est en clair dans le playbook.
-
-Utiliser un vault pour que ce ne soit plus le cas.
-
-## Performance
-
-Le mot de passe n'est plus en clair dans le playbook
-
-Proposition de solution: voir branche "solution"
-
diff --git a/ansible_apache_formation/tasks/apache.yml b/ansible_apache_formation/tasks/apache.yml
index 7d15a0a..60745ec 100644
--- a/ansible_apache_formation/tasks/apache.yml
+++ b/ansible_apache_formation/tasks/apache.yml
@@ -4,6 +4,9 @@
 name: "{{ apache_package_name }}"
 state: present
+- name: include data in vault
+ include_vars: vault.yml
+
 - name: configuration
 notify: reload httpd
 template:
@@ -46,7 +49,7 @@
 htpasswd:
 path: "/etc/httpd/passwd"
 name: tom
- password: "123Soleil"
+ password: "{{ apache_password }}""
 mode: 0640
 owner: root
 group: "apache"
diff --git a/ansible_apache_formation/vars/index.html b/ansible_apache_formation/vars/index.html
new file mode 100644
index 0000000..416474e
--- /dev/null
+++ b/ansible_apache_formation/vars/index.html
@@ -0,0 +1 @@
+
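Review bot: The new `include_vars: vault.yml` task in apache.yml has no `no_log: true`, so at higher verbosity the task result can print the decrypted variables it loaded. I would add `no_log: true` under the task. A comment above it should say that the file is vault-encrypted and that the play needs a vault secret at run time, for example `--ask-vault-pass` or `--vault-password-file`. The task name "include data in vault" could also name the variable the later htpasswd task depends on, presumably `apache_password`.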
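Review bot: The replacement line `password: "{{ apache_password }}""` in the second apache.yml hunk ends with a doubled quote, which is not valid YAML, so the task file will fail to load; it should read `password: "{{ apache_password }}"`. The literal it replaces stays readable in the repository history, so if the vault stores the same value the credential should be changed rather than only moved. The htpasswd task starts above the hunk, so its name and any `no_log` setting are not visible here.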

hello World

\ No newline at end of file
diff --git a/ansible_apache_formation/vars/vault.yml b/ansible_apache_formation/vars/vault.yml
new file mode 100644
index 0000000..8b01758
--- /dev/null
+++ b/ansible_apache_formation/vars/vault.yml
@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+62356466386137373564343137303663633638313765383439366535306131646163333364626562
+3266356338306134396364326235343236383938336632360a306231373763346632303335653030
+32616265653139383338333635386461303563623661386437326339323033623162333766626130
+3936366666313163350a616263646135346632336639313564643662316265333737613736666162
+30636134653763353333666633316432303236343366616466333937663662623766
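Review bot: Because the whole of `vars/vault.yml` is encrypted, the diff cannot show that it defines the `apache_password` variable the htpasswd task now reads, and a search of the role will not find where that name is set. A common layout keeps the encrypted value under a prefixed name such as `vault_apache_password` and adds a plaintext vars entry `apache_password: "{{ vault_apache_password }}"`. The header `$ANSIBLE_VAULT;1.1;AES256` carries no vault ID label, so which secret decrypts this file should be documented next to the playbook.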