Update to 2023-07-08 16:00

2025-08-07 09:07:03 +02:00 · 2023-07-08 16:00:11 +02:00
parent f16dd6e98d
commit d87c1bdc89
60 changed files with 708 additions and 439 deletions
--- a/roles/vault_agent/tasks/install.yml
+++ b/roles/vault_agent/tasks/install.yml
@@ -0,0 +1,47 @@
+---
+
+- name: Install systemd unit
+  template: src=vault-agent.service.j2 dest=/etc/systemd/system/vault-agent.service
+  register: vault_agent_unit
+  notify: restart vault-agent
+  tags: vault,consul,nomad
+
+- name: Install Nomad templates
+  template: src=nomad/{{ item }}.j2 dest={{ vault_agent_root_dir }}/templates/nomad/{{ item }}
+  loop:
+    - vault.env.tpl
+    - agent_bundle.pem.tpl
+    - cli_bundle.pem.tpl
+    - consul_bundle.pem.tpl
+    - consul.env.tpl
+  notify: restart vault-agent
+  tags: vault,consul,nomad
+
+- name: Install Consul templates
+  template: src=consul/{{ item }}.j2 dest={{ vault_agent_root_dir }}/templates/consul/{{ item }}
+  loop:
+    - agent_bundle.pem.tpl
+  notify: restart vault-agent
+  tags: vault,consul,nomad
+
+- name: Create tmpfile fragment
+  copy:
+    content: |
+      d /run/vault_agent 770 root root
+    dest: /etc/tmpfiles.d/vault-agent.conf
+  register: vault_tmpfiles
+  tags: vault,consul,nomad
+
+- name: Create tmpfiles
+  command: systemd-tmpfiles --create
+  when: vault_tmpfiles.changed
+  tags: vault,consul,nomad
+
+- name: Reload systemd
+  systemd: daemon_reload=True
+  when: vault_agent_unit.changed
+  tags: vault,consul,nomad
+
+- name: Install Nomad API access updater
+  template: src=nomad/update_nomad_cert.sh.j2 dest={{ vault_agent_root_dir }}/bin/update_nomad_cert.sh mode=755
+  tags: vault,consul,nomad