Is there a way to have both encrypted and nonencrypted host vars?

Question

If I encrypt host_vars/* files with ansible-vault, I don\'t seem to have a chance to have nonencrypted host vars other than those residing in the inven

Answer 1

You can use this ansible feature : http://docs.ansible.com/ansible/playbooks_best_practices.html#best-practices-for-variables-and-vaults

group_vars/ 
  san_diego/
    vars.yml  # unecrypted yaml file
    vault.yml # encrypted yaml file

Ansible will read automatically vault.yml as encrypted yaml file.