From 2081ea949b86307e29baac45e39b80e47b25879d Mon Sep 17 00:00:00 2001
From: James Tombleson <luther38@gmail.com>
Date: Sun, 20 Oct 2019 15:46:43 -0700
Subject: [PATCH] Updated docs

---
 docs/readme.md     | 21 ++++++++++++++++++++-
 examples/hosts.yml |  4 ++--
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/docs/readme.md b/docs/readme.md
index d5e3666..49ea4f5 100644
--- a/docs/readme.md
+++ b/docs/readme.md
@@ -16,6 +16,25 @@ This will give you a quick way to see what flags are supported without having to
 
 ## Vault
 
-Vaults are a great way to store secrets in your source code.  Never store insecure secrets in a file other then for quick testing.  Even then, don't put unencrypted secrets in public locations.
+Vaults are a great way to store secrets in your source code.  Never store insecure secrets in a file other then for quick testing.  Even then, don't put un-encrypted secrets in public locations.
 
+### Config changes
+
+Before you use ansible-value you will want to update your ansible.cfg file.  Uncomment ```#vault_password_file``` and update it to where you will store your secret file.  This is a file that should be added to ```.gitignore``` so that the password is stored safely.  For reference I use .ansible_vault as my file and you can see my .gitignore file to see how I ignore it.
+
+### How to use Vault
+
+Make sure you adjusted your ansible.cfg before doing this.  That password is how vault decrypts values.
+
+```bash
+echo 'secret' > .ansible_vault
+ansible-value encrypt_string 'sshPassword'
+```
+
+With the value that was exported you would add that to the playbook that needs to be able to decrypt the secret to use it.  
+Something to note.  When the password that is stored in .ansible_vault that is defined in ansible.cfg changes, the vault might start to fail to decrypt strings.  I have not made it that far yet with vault to confirm how much this is true.
+
+## Roles
+
+Roles are very important when it comes to Ansible.  If you need to define how say pip handles actions you would build a role for it. With that role you can define how pip would work.  Do not treat roles as your playbook.  They are meant to be used as a guide and the playbook passes variables to the role to tell it how something should be configured.
 
diff --git a/examples/hosts.yml b/examples/hosts.yml
index f5d1bed..df9066d 100644
--- a/examples/hosts.yml
+++ b/examples/hosts.yml
@@ -7,7 +7,7 @@ all:
       hosts:
         172.20.0.142:
       vars:
-        ansible_user: ansible
+        ansible_user:
         ansible_connection: ssh
         ansible_password: 
         ansible_become_method: sudo
@@ -17,7 +17,7 @@ all:
       hosts:
         dev01:
       vars:
-        ansible_user: ansible
+        ansible_user:
         ansible_password: 
         ansible_connection: winrm
         ansible_port: 5985