Update to 2022-09-20 13:00

2025-07-27 00:05:44 +02:00 · 2022-09-20 13:00:08 +02:00
parent 66df749295
commit e6019f8e32
12 changed files with 50 additions and 26 deletions
--- a/roles/vault/tasks/conf.yml
+++ b/roles/vault/tasks/conf.yml
@@ -19,6 +19,10 @@
  notify: restart vault
  tags: vault

+- name: Ensure correct permission on vault private key
+  file: path={{ vault_root_dir }}/tls/vault.key mode=640 owner=root group={{ vault_user }}
+  tags: vault
+
 - name: Setup logrotate
  template: src=logrotate.conf.j2 dest=/etc/logrotate.d/vault
  tags: vault
@@ -30,8 +34,8 @@
      template: src=consul-template.hcl.j2 dest={{ vault_root_dir }}/consul-template/consul-template.hcl mode=600 owner=root group=root
      notify: restart consul-template-vault

-    - name: Deploy Nomad certificate bundle template for consul-template
-      template: src=nomad_client_bundle.json.tpl.j2 dest={{ vault_root_dir }}/consul-template/nomad_client_bundle.json.tpl
+    - name: Deploy Nomad certificate bundle template
+      template: src=nomad_client_bundle.pem.tpl.j2 dest={{ vault_root_dir }}/consul-template/nomad_client_bundle.pem.tpl
      notify: restart consul-template-vault

    - name: Deploy the update cert hook