From 1843f43e55d36ba8df2cd9819c6ec53dd4f4c937 Mon Sep 17 00:00:00 2001
From: Max Mehl <mail@mehl.mx>
Date: Tue, 11 Jul 2023 12:44:03 +0200
Subject: [PATCH] add file encryption/decryption

---
 ansible-vault-tools.sh | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/ansible-vault-tools.sh b/ansible-vault-tools.sh
index 464c049..050ff4e 100755
--- a/ansible-vault-tools.sh
+++ b/ansible-vault-tools.sh
@@ -6,13 +6,13 @@
 
 CMD=$1
 
-# Encrypt
-if [[ $CMD == "encrypt" ]]; then
+# Encrypt string
+if [[ $CMD == "encrypt-string" ]]; then
     pass=$2
     vaultpw=$(echo -n "$pass" | ansible-vault encrypt_string 2> /dev/null)
 
-# Decrypt
-elif [[ $CMD == "decrypt" ]]; then
+# Decrypt string
+elif [[ $CMD == "decrypt-string" ]]; then
     host=$2
     var=$3
 
@@ -22,12 +22,25 @@ elif [[ $CMD == "decrypt" ]]; then
     # Parse JSON to just get the "msg"
     vaultpw=$(jq -r ".plays[].tasks[].hosts[].msg" <<< "$vaultpw")
 
+# Encrypt file
+elif [[ $CMD == "encrypt-file" ]]; then
+    file=$2
+    ansible-vault encrypt "$file"
+
+# Decrypt file
+elif [[ $CMD == "decrypt-file" ]]; then
+    file=$2
+    ansible-vault decrypt "$file"
+
 else
     echo "Invalid command"
     echo ""
     echo "Usage:"
-    echo "ansible-vault-tools encrypt <password>"
-    echo "ansible-vault-tools decrypt <host> <variable>"
+    echo "ansible-vault-tools encrypt-string <password>"
+    echo "ansible-vault-tools decrypt-string <host> <variable>"
+    echo ""
+    echo "ansible-vault-tools encrypt-file <file-path>"
+    echo "ansible-vault-tools decrypt-file <file-path>"
     exit 1
 fi