Use ansible-vault instead of env var lookups (#18)

[jerome-caucat]

@JMLX42 What do you think of this solution?

• I replaced the single inventory with two:
  • One for development where we use the same host variables as currently.
  • One for production where the default values for the host variables are encrypted.
• So the files:
  • hosts_var/laprimaire_2022/main.yml
  • hosts.yml
• Have been replaced with:
  • inventories/development/hosts_var/laprimaire_2022/main.yml
  • inventories/development/hosts.yml
  • inventories/production/hosts_var/laprimaire_2022/main.yml
  • inventories/production/hosts_var/laprimaire_2022/vault_main.yml
  • inventories/production/hosts.yml
• The default values in inventories/production/hosts_var/laprimaire_2022/main.yml point to variables in inventories/production/hosts_var/laprimaire_2022/vault_main.yml, which is encrypted by ansible-vault.
• I kept the environment variable lookup in case we need it but it can be removed.
• To change the encrypted values we can edit inventories/production/hosts_var/laprimaire_2022/vault_main.yml using editing-encrypted-files, the current password is "password" (it should be changed).
• The development and production hosts.yml are duplicates at the moment, I could not find how to avoid this.
• In development, a vagrant up will provision using the development inventory and in production we can use the production inventory (requiring the password).
• I could not find reference to the LAPRIMAIRE_2022_SSH_KEY mentioned in the issue.

The next steps would be:

• Change the ansible-vault password (rekeying-encrypted-files) for the file inventories/production/hosts_var/laprimaire_2022/vault_main.yml.
• Store the password as a GitHub encrypted-secret.
• Change the default values in the encrypted inventories/production/hosts_var/laprimaire_2022/vault_main.yml (editing-encrypted-files).
• Do Keep the actual IP(s) of the server(s) secret #25 using ansible-vault.