Ok I just tried my custom vagrant-triggers and can confirm it doesn’t work anymore with Trellis 0.9.5 and up.
The problem is, the trigger commands need to read the database credentials in the wordpress_sites loop, but since the db_password
variable is moved to the (encrypted) vault.yml, the database dump or import won’t succeed because there is no password set in the command. So I’m trying something like this now:
config_file = File.join(ANSIBLE_PATH, 'group_vars', 'development', 'wordpress_sites.yml')
vault_file = File.join(ANSIBLE_PATH, 'group_vars', 'development', 'vault.yml')
if File.exists?(config_file)
wordpress_sites = YAML.load_file(config_file)['wordpress_sites']
vaults = YAML.load_file(vault_file)['vaults'] --vault-password-file .vault_pass
#vaults = ansible-vault YAML.load_file(vault_file)
fail_with_message "No sites found in #{config_file}." if wordpress_sites.to_h.empty?
else
fail_with_message "#{config_file} was not found. Please set `ANSIBLE_PATH` in your Vagrantfile."
end
# Vagrant Triggers
#
# If the vagrant-triggers plugin is installed, we can run various scripts on Vagrant
# state changes like `vagrant up`, `vagrant halt`, `vagrant suspend`, and `vagrant destroy`
#
# These scripts are run on the host machine, so we use `vagrant ssh` to tunnel back
# into the VM and execute things.
#
if Vagrant.has_plugin? 'vagrant-triggers'
vaults.each_pair do |vault|
#
# Get database password
#
db_pass = vault['env']['db_password']
end
wordpress_sites.each_pair do |site|
#
# Get database credentials
#
db_name = site['env']['db_name']
db_user = site['env']['db_user']
#
# Importing database
#
config.trigger.after [:up, :resume, :reload], :force => true do
info "Importing databases"
run_remote "cd /srv/database/backups/ mysql -u #{db_user} -p#{db_pass} #{db_name} < /srv/database/backups/#{db_name}.sql"
end
#
# Exporting database
#
config.trigger.before [:halt, :suspend, :destroy], :force => true do
info "Dumping databases"
run_remote "mysqldump -u #{db_user} -p#{db_pass} #{db_name} > /srv/database/backups/#{db_name}.sql"
end
end
else
puts 'vagrant-triggers missing, please install the plugin:'
puts 'vagrant plugin install vagrant-triggers'
end
But that’s obviously not working yet…
How exactly can I load and set the db_password variables from the encrypted group_vars/development/vault.yml
file?
http://docs.ansible.com/ansible/playbooks_vault.html#viewing-encrypted-files
Or is this not gonna work like this?
Any help is welcome, thanks!