This playbook expects that security-relevant secrets are configured within the vars/secrets.yml file.
It is strongly recommended to enable Ansible Vault encryption or use Third-party lookup plugins to avoid keeping secrets in plaintext on the control node file-system.
We provide a secrets-init.yml playbook to automatically generate secure secrets and encrypt them with Ansible Vault.