jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-12 00:03:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
ansible-roles/roles/vault/tasks/install.yml
Daniel Berteaud 882623afc1 Update to 2024-10-24 12:00
2024-10-24 12:00:41 +02:00

49 lines
1.2 KiB
YAML
Raw Blame History

---
- name: Install dependencies
package:
name:
- jq
tags: vault
- name: Deploy systemd service unit
template: src=vault.service.j2 dest=/etc/systemd/system/vault.service
register: vault_unit
notify: restart vault
tags: vault
- name: Install consul-template unit
template: src=consul-template-vault.service.j2 dest=/etc/systemd/system/consul-template-vault.service
notify: restart consul-template-vault
register: vault_secrets_nomad_unit
tags: vault
- name: Reload systemd
systemd: daemon_reload=True
when: vault_unit.changed or vault_secrets_nomad_unit.changed
tags: vault
- name: Install dehydrated hook
template: src=dehydrated_hook.j2 dest=/etc/dehydrated/hooks_deploy_cert.d/vault mode=755
tags: vault
- name: Install profile script
copy:
content: |
#!/bin/sh
export VAULT_ADDR={{ vault_conf.api_addr }}
dest: /etc/profile.d/vault.sh
mode: 0755
tags: vault
- name: Install backup hooks
template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/vault mode=700
loop:
- pre
- post
tags: vault
- name: Install unseal script
template: src=unseal dest={{ vault_root_dir }}/bin/unseal mode=700
tags: vault
Reference in New Issue View Git Blame Copy Permalink