hcp-ansible/playbooks/generate_credentials.yml

40 lines
1.6 KiB
YAML
Raw Permalink Normal View History

---
# hashistack generate certificates playbook
- name: "Generate credentials"
hosts: localhost
strategy: linear
gather_facts: true
become: true
tasks:
- name: "Generate consul credentials"
block:
- name: "Generate consul root credentials"
ansible.builtin.set_fact:
_consul_root_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
- name: "Generate consul agents credentials"
ansible.builtin.set_fact:
_cosul_agents_accessor: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
_consul_agents_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
- name: "Generate consul vault credentials"
ansible.builtin.set_fact:
_cosul_vault_accessor: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
_consul_vault_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
- name: "Generate nomad credentials"
block:
- name: "Generate nomad root credentials"
ansible.builtin.set_fact:
_nomad_root_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
- name: "Write credentials file"
ansible.builtin.template:
src: templates/credentials.yml.j2
dest: "{{ sub_configuration_directories['secrets'] }}/{{ configuration_credentials_vars_file }}"
owner: "{{ lookup('env', 'USER') }}"
group: "{{ lookup('env', 'USER') }}"
mode: '0644'
# - fail: