add support for encrypted vaults, organize scripts

.gitignore

@@ -1,2 +1,3 @@
 # Ignore custom group_vars
 ansible/group_vars/*.yml
+ansible/encrypted_vars

ansible/10_scripts/create_encrypted_vars.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Prompt the user for the become username and password
+read -p "Enter the become username: " become_username
+read -s -p "Enter the become password: " become_password
+echo
+
+# Create the variables file
+mkdir -p ../encrypted_vars
+cat <<EOF > ../encrypted_vars/encrypted_vars.yml
+become_username: ${become_username}
+become_password: ${become_password}
+EOF
+
+# Prompt the user for the vault password
+echo
+echo "Enter the vault password to encrypt the variables file:"
+ansible-vault encrypt ../encrypted_vars/encrypted_vars.yml
+
+# Save the vault password to a file
+read -s -p "Enter the vault password again to save it to a file: " vault_password
+echo
+echo "${vault_password}" > ../encrypted_vars/vault_password.txt
+
+# Set the permissions of the vault password file
+chmod 600 ../encrypted_vars/vault_password.txt
+
+echo "The encrypted_vars.yml has been created and encrypted."
+echo "The vault password file has been saved to ../encrypted_vars/vault_password.txt with restricted permissions."

ansible/10_scripts/target_system_htpc.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Asks you for the user password
+#ansible-playbook -i ../inventory ../playbook.yml -e "target_system=htpc" --ask-become-pass
+
+# Runs from the encrypted variables
+ansible-playbook -i ../inventory ../playbook.yml -e "target_system=htpc" --vault-password-file ../encrypted_vars/vault_password.txt

ansible/10_scripts/target_system_workstation.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+# Asks you for the user password
+#ansible-playbook -i ../inventory ../playbook.yml -e "target_system=workstation" --ask-become-pass
+
+# Runs from the encrypted variables
+ansible-playbook -i ../inventory ../playbook.yml -e "target_system=workstation" --vault-password-file ../encrypted_vars/vault_password.txt