add vault role

2022-08-30 07:51:35 -05:00
parent 4c64613a90
commit 2b6b7aca79
6 changed files with 148 additions and 0 deletions


@ -0,0 +1,18 @@
---
- name: install Hashicorp yum repo
yum_repository:
name: hashicorp
description: Hashicorp Stable - $basearch
baseurl: https://rpm.releases.hashicorp.com/RHEL/$releasever/$basearch/stable
enabled: 1
gpgcheck: 1
gpgkey: https://rpm.releases.hashicorp.com/gpg
- name: install Hashicorp (test) yum repo
yum_repository:
name: hashicorp-test
description: Hashicorp Test - $basearch
baseurl: https://rpm.releases.hashicorp.com/RHEL/$releasever/$basearch/test
enabled: 0
gpgcheck: 1
gpgkey: https://rpm.releases.hashicorp.com/gpg
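Review bot: Both repository definitions take their signing key from `gpgkey: https://rpm.releases.hashicorp.com/gpg`, so the key is trusted on first use as whatever that URL serves at install time, and nothing in these tasks pins it. Consider importing the key in an earlier task with `rpm_key` and its `fingerprint:` option set to a value verified out of band (`fingerprint: "<EXPECTED_KEY_FINGERPRINT>"`), so that a changed or substituted key fails the play instead of being accepted. As a style point, `enabled: 1`, `enabled: 0` and `gpgcheck: 1` read more clearly as `true`/`false`, which the module treats as booleans.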


@ -0,0 +1,46 @@
---
- name: gather os specific variables
include_vars: "{{ lookup('first_found', possible_files) }}"
vars:
possible_files:
files:
- "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
- "{{ ansible_distribution }}.yaml"
- "{{ ansible_os_family }}.yaml"
- "default.yaml"
paths:
- vars
- name: include os specific tasks
include_tasks: "{{ lookup('first_found', possible_files) }}"
vars:
possible_files:
files:
- "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
- "{{ ansible_distribution }}.yaml"
- "{{ ansible_os_family }}.yaml"
- "default.yaml"
paths:
- tasks
- name: install
package:
name: "{{ vault_package_name | default('vault') }}"
state: "{{ vault_package_state | default('present') }}"
- name: configure
template:
src: "{{ vault_config_template }}"
dest: "{{ vault_config_path }}"
owner: "{{ vault_config_owner }}"
group: "{{ vault_config_group }}"
mode: "{{ vault_config_mode }}"
notify: restart vault
when: not vault_agent_enabled
- name: service
service:
name: "{{ vault_service_name | default('vault') }}"
state: "{{ vault_service_state | default('started') }}"
enabled: "{{ vault_service_enabled | default(true) }}"
when: not vault_agent_enabled
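Review bot: The `configure` task takes `owner`, `group` and `mode` from variables with no fallback, unlike the `install` and `service` tasks, which all use `| default(...)`. A Vault configuration file can carry storage or seal credentials, so its permissions should not depend on the caller setting them. Unless the role's defaults (not visible in this section) already define these, give the task a restrictive fallback such as `mode: "{{ vault_config_mode | default('0640') }}"`. Both `when: not vault_agent_enabled` conditions also fail on an undefined variable and mis-evaluate a string value such as `-e vault_agent_enabled=false`; `when: not (vault_agent_enabled | default(false) | bool)` handles both cases.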