From df5802647e1eaeafb99bf3f7de56d7defc6ebf52 Mon Sep 17 00:00:00 2001
From: Bertrand Lanson
Date: Fri, 5 Jan 2024 23:05:57 +0100
Subject: [PATCH] feat(vault): variabilize seal_configuration
---
 playbooks/deploy.yml | 4 ++--
 playbooks/group_vars/all.yml | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml
index e0a49aa..bc6758b 100644
--- a/playbooks/deploy.yml
+++ b/playbooks/deploy.yml
@@ -28,8 +28,8 @@
 - name: "Initialize vault cluster" # noqa: run-once[task]
 ednxzu.hashistack.vault_init:
 api_url: "{{ hashi_vault_configuration['api_addr'] }}"
- key_shares: 3
- key_threshold: 2
+ key_shares: "{{ vault_seal_configuration['key_shares'] }}"
+ key_threshold: "{{ vault_seal_configuration['key_threshold'] }}"
 run_once: true
 retries: 5
 delay: 5
diff --git a/playbooks/group_vars/all.yml b/playbooks/group_vars/all.yml
index 93651c4..73987df 100644
--- a/playbooks/group_vars/all.yml
+++ b/playbooks/group_vars/all.yml
@@ -82,6 +82,9 @@ hashi_consul_configuration: {}
 ##########################
 vault_cluster_name: vault
+vault_seal_configuration:
+ key_shares: 3
+ key_threshold: 2
 ###############
 # vault storage
@@ -116,6 +119,20 @@ vault_tls_listener_configuration:
 vault_extra_listener_configuration: {}
+############################
+# vault service registration
+############################
+vault_enable_service_registration: false
+vault_service_registration_configuration:
+ consul:
+ address: "127.0.0.1:8500"
+ scheme: "http"
+
+#############################
+# vault plugins configuration
+#############################
+
+
 #########################
 # vault container volumes
 #########################
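Review bot: `key_shares` and `key_threshold` in the `Initialize vault cluster` task are now read from `vault_seal_configuration` with no check, so a missing key or a threshold above the share count only surfaces when the init call fails and is then retried five times. A threshold of 1 also deserves a deliberate decision, since it lets a single key holder unseal the cluster. An `ansible.builtin.assert` task placed before the init, as sketched below, would fail fast with a readable message. The task and the play continue outside the hunk, so validation done elsewhere is not visible here.

```yaml
# … unchanged: earlier tasks of the play …
- name: "Validate vault seal configuration" # noqa: run-once[task]
  ansible.builtin.assert:
    that:
      - vault_seal_configuration['key_shares'] | int >= 1
      - vault_seal_configuration['key_threshold'] | int >= 1
      - vault_seal_configuration['key_threshold'] | int <= vault_seal_configuration['key_shares'] | int
    fail_msg: "vault_seal_configuration needs 1 <= key_threshold <= key_shares"
  run_once: true

- name: "Initialize vault cluster" # noqa: run-once[task]
# … unchanged: vault_init arguments, run_once, retries, delay …
```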
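Review bot: The new `vault_seal_configuration` block in the `@@ -82,6 +82,9 @@` hunk has no comment saying what the two numbers mean or when they take effect. In this patch they are only read by the `vault_init` call in `playbooks/deploy.yml`, so editing them on an already initialized cluster presumably changes nothing until the unseal keys are rekeyed. A comment above the block would cover it, e.g. `# Shamir split applied at init only: key_shares = unseal key parts generated, key_threshold = parts required to unseal`.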
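Review bot: The default `scheme: "http"` under `vault_service_registration_configuration.consul` suits the loopback address shown, but nothing warns that it must change when `address` points at a non-local Consul agent. If Consul ACLs are in use, the registration token would then travel in cleartext. A comment such as `# http is only acceptable for a loopback agent; otherwise use https and keep any Consul token out of this file (e.g. an ansible-vault encrypted var)` would make that explicit. The `vault plugins configuration` banner is added with no variables under it, so either drop it until the plugin settings land or add a `# TODO` line to show the section is intentionally empty.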