From 2523ab8a28b20f1dc676e43a4626a510fa634a2f Mon Sep 17 00:00:00 2001
From: Trey Blancher <trey@blancher.net>
Date: Thu, 19 Mar 2026 23:56:54 -0400
Subject: [PATCH] Initial commit

---
 systemd-creds.yaml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 systemd-creds.yaml

diff --git a/systemd-creds.yaml b/systemd-creds.yaml
new file mode 100644
index 0000000..4377469
--- /dev/null
+++ b/systemd-creds.yaml
@@ -0,0 +1,27 @@
+- name:  Establish systemd-creds for use with multiple services
+  hosts:  arch debian
+  become:  true
+
+  vars_prompt:
+    - name:  passphrase
+      prompt:  "Enter password manager passphrase"
+      private:  true
+      confirm:  true
+    - name:  creds_var
+      prompt:  "Enter the environment variable where systemd will store the credential PATH"
+      private:  false
+    - name:  creds_name
+      prompt:  "Enter the credential name"
+      private:  false
+
+  tasks:
+    - name:  Create shared systemd runtime override directory
+      ansible.builtin.command:
+        cmd:  mkdir /etc/systemd/system/shared.d
+        creates:  /etc/systemd/system/shared.d
+    - name:  Create override
+      ansible.builtin.shell:
+        cmd: |
+          printf {{ passphrase }} | (echo "[Service]"; systemd-creds encrypt --name={{ creds_name }} --pretty - -) >> /etc/systemd/system/shared.d/00-systemd-creds.conf
+          printf "Environment=%s=%%d/%s\n" {{ creds_var }} {{ creds_name }} >> /etc/systemd/system/shared.d/00-systemd-creds.conf
+        #creates:  /etc/systemd/system/shared.d/00-systemd-creds.conf