From 340f2137d4818629826e15c496069dbb24a1bd06 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Wed, 8 May 2024 02:25:13 +0200 Subject: [PATCH] feat(generate_credentials): generate new accesor ids and vault token credentials --- playbooks/generate_credentials.yml | 6 ++++++ playbooks/templates/credentials.yml.j2 | 7 ++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/playbooks/generate_credentials.yml b/playbooks/generate_credentials.yml index 4f155f1..651ee32 100644 --- a/playbooks/generate_credentials.yml +++ b/playbooks/generate_credentials.yml @@ -14,8 +14,14 @@ - name: "Generate consul agents credentials" ansible.builtin.set_fact: + _cosul_agents_accessor: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}" _consul_agents_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}" + - name: "Generate consul vault credentials" + ansible.builtin.set_fact: + _cosul_vault_accessor: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}" + _consul_vault_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}" + - name: "Generate nomad credentials" block: - name: "Generate nomad root credentials" diff --git a/playbooks/templates/credentials.yml.j2 b/playbooks/templates/credentials.yml.j2 index 662a7bc..76a0ab4 100644 --- a/playbooks/templates/credentials.yml.j2 +++ b/playbooks/templates/credentials.yml.j2 @@ -3,6 +3,11 @@ consul: root_token: secret_id: "{{ _consul_root_token }}" tokens: - agent: "{{ _consul_agents_token }}" + agent: + accessor_id: "{{ _consul_agents_accesor }}" + secret_id: "{{ _consul_agents_token }}" + vault: + accessor_id: "{{ _consul_vault_accessor }}" + secret_id: "{{ _consul_vault_token }}" nomad: root_token: "{{ _nomad_root_token }}"
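Review bot: The accessor facts set here are spelled `_cosul_agents_accessor` and `_cosul_vault_accessor` (missing the "n" in consul), while the credentials.yml.j2 hunk reads `_consul_agents_accesor` and `_consul_vault_accessor`. Neither template reference matches a fact defined in this hunk, so the render would presumably fail on an undefined variable unless those names are set somewhere outside the diff. Use one spelling on both sides: `_consul_agents_accessor` and `_consul_vault_accessor` in the set_fact tasks, and `accessor_id: "{{ _consul_agents_accessor }}"` in the template. Separately, the new "Generate consul vault credentials" task carries no `no_log: true`, so the generated secret_id appears in task output when the play runs with `-v`; adding `no_log: true` to the credential-generating set_fact tasks keeps the tokens out of logs. The enclosing block starts above the hunk.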
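Review bot: `tokens.agent` changes here from a plain string to a mapping with `accessor_id` and `secret_id`, so anything that still reads `consul.tokens.agent` as the token itself would now receive a dict. Those consumers are not visible in this diff; they should move to `consul.tokens.agent.secret_id` in the same change. A credentials file generated before this commit keeps the old scalar shape, so the commit message or docs should say that existing files need to be regenerated or edited by hand.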