diff --git a/playbooks/generate_certs.yml b/playbooks/generate_certs.yml
index 2fc8545..dc2913c 100644
--- a/playbooks/generate_certs.yml
+++ b/playbooks/generate_certs.yml
@@ -1,5 +1,5 @@
 ---
-# hashistack deployment playbook
+# hashistack generate certificates playbook
 - name: "Generate certificates"
 hosts: all
 strategy: linear
@@ -272,4 +272,4 @@
 group: "{{ lookup('env', 'USER') }}"
 mode: "0644"
- # - fail:
\ No newline at end of file
+ # - fail:
diff --git a/playbooks/generate_credentials.yml b/playbooks/generate_credentials.yml
index 4886fa8..4f155f1 100644
--- a/playbooks/generate_credentials.yml
+++ b/playbooks/generate_credentials.yml
@@ -10,22 +10,24 @@
 block:
 - name: "Generate consul root credentials"
 ansible.builtin.set_fact:
- _consul_root_token: "{{ lookup('uuid', namespace='00000000-0000-0000-0000-000000000000') }}"
+ _consul_root_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
 - name: "Generate consul agents credentials"
 ansible.builtin.set_fact:
- _consul_agents_token: "{{ lookup('uuid', namespace='00000000-0000-0000-0000-000000000000') }}"
+ _consul_agents_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
 - name: "Generate nomad credentials"
 block:
 - name: "Generate nomad root credentials"
 ansible.builtin.set_fact:
- _nomad_root_token: "{{ lookup('uuid', namespace='00000000-0000-0000-0000-000000000000') }}"
+ _nomad_root_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') | to_uuid }}"
 - name: "Write credentials file"
 ansible.builtin.template:
- src: credentials.yml.j2
- dest: credentials.yml
+ src: templates/credentials.yml.j2
+ dest: "{{ sub_configuration_directories['secrets'] }}/{{ configuration_credentials_vars_file }}"
+ owner: "{{ lookup('env', 'USER') }}"
+ group: "{{ lookup('env', 'USER') }}"
 mode: '0644'
- - fail:
+ # - fail:
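Review bot: The "Write credentials file" task in the generate_credentials.yml hunk still renders its output with `mode: '0644'`, so the Consul and Nomad tokens it presumably holds (the template is not shown) stay readable by every local account even though the destination is now the `secrets` sub-directory; `mode: '0600'` would match the new `owner`/`group` lines. The three `set_fact` tasks and the template task also carry no `no_log: true`, so the generated tokens can show up in verbose or `--diff` output unless that is set higher up; the play header and the enclosing block start above the hunk, so this cannot be confirmed from here. `lookup('env', 'USER')` may come back empty in some non-interactive contexts, which would leave `owner` and `group` blank, so a `default` or an early assert on it would make the failure explicit.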