mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-04-17 02:33:17 +02:00
40 lines
1.5 KiB
YAML
40 lines
1.5 KiB
YAML
---
|
|
|
|
- name: Deploy main configuration
|
|
template: src=vault-agent.hcl.j2 dest={{ vault_agent_root_dir }}/etc/vault-agent.hcl mode=0600
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Deploy Nomad and Consul configuration
|
|
template: src={{ item }}/{{ item }}.hcl.j2 dest={{ vault_agent_root_dir }}/etc/{{ item }}.hcl
|
|
loop:
|
|
- nomad
|
|
- consul
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Setup AppRole auth
|
|
block:
|
|
- copy: content={{ vault_agent_approle_role_id }} dest={{ vault_agent_root_dir }}/auth/role_id owner=root group=root mode=600
|
|
- copy: content={{ vault_agent_approle_secret_id }} dest={{ vault_agent_root_dir }}/auth/secret_id owner=root group=root mode=600
|
|
- file: path={{ vault_agent_root_dir }}/auth/token state=absent
|
|
when: vault_agent_auth == 'approle'
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Setup Token auth
|
|
block:
|
|
- copy: content={{ vault_agent_token }} dest={{ vault_agent_root_dir }}/auth/token owner=root group=root mode=640
|
|
- file: path={{ vault_agent_root_dir }}/auth/role_id state=absent
|
|
- file: path={{ vault_agent_root_dir }}/auth/secret_id state=absent
|
|
when: vault_agent_auth == 'token'
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Deploy templates
|
|
copy: content={{ item.data }} dest={{ vault_agent_root_dir }}/templates/ansible/{{ item.destination | regex_replace('/', '_') }}
|
|
when: item.data is defined
|
|
loop: "{{ vault_agent_templates }}"
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|