#!/usr/bin/env bash

if ! openssl version > /dev/null; then
    echo "You need openssl installed"
    exit -1
fi

ANSIBLE_VAULT_PASSFILE=$PWD/.ansible-vault-password

if ! [ -f ${ANSIBLE_VAULT_PASSFILE} ]; then
    echo "You need to provide the ansible vault password in a file at ${ANSIBLE_VAULT_PASSFILE}"
    exit -2
fi

TMPPASSFILE=${RANDOM}.hash
openssl passwd -6 > ${TMPPASSFILE}
echo "================================"
echo "    feed this to the role"
echo
ansible-vault encrypt_string --vault-password-file ${ANSIBLE_VAULT_PASSFILE} $(cat ${TMPPASSFILE})
echo "================================"
rm ${TMPPASSFILE}