ansible-collections/hcp-ansible
ansible-collections/hcp-ansible
4
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat/major-revamp #11

Merged
lanson merged 42 commits from fix/various into main 2024-08-17 14:54:28 +00:00
Conversation 0 Commits 42 Files Changed 163 +27 -5
1 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 594188b28f - Show all commits

32
playbooks/generate_credentials.yml
View File

@ -1,7 +1,7 @@
--- ---
# hashistack generate certificates playbook # hashistack generate certificates playbook
- name: "Generate credentials" - name: "Generate credentials"
hosts: localhost hosts: deployment
strategy: linear strategy: linear
gather_facts: true gather_facts: true
become: true become: true
@ -9,8 +9,19 @@
- name: "Generate consul credentials" - name: "Generate consul credentials"
block: block:
- name: "Generate consul gossip encryption key" - name: "Generate consul gossip encryption key"
ansible.builtin.set_fact: block:
_consul_gossip_encryption_key: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_letters','digits']) | b64encode }}" - name: "Generate 24 random bytes and base64 encode"
ansible.builtin.shell:
cmd: |
set -o pipefail
dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64
executable: /bin/bash
changed_when: false
register: _consul_random_base64_string
- name: "Generate consul gossip encryption key"
ansible.builtin.set_fact:
_consul_gossip_encryption_key: "{{ _consul_random_base64_string.stdout }}"
- name: "Generate consul root credentials" - name: "Generate consul root credentials"
ansible.builtin.set_fact: ansible.builtin.set_fact:
@ -39,8 +50,19 @@
- name: "Generate nomad credentials" - name: "Generate nomad credentials"
block: block:
- name: "Generate nomad gossip encryption key" - name: "Generate nomad gossip encryption key"
ansible.builtin.set_fact: block:
_nomad_gossip_encryption_key: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_letters','digits']) | b64encode }}" - name: "Generate 24 random bytes and base64 encode"
ansible.builtin.shell:
cmd: |
set -o pipefail
dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64
executable: /bin/bash
changed_when: false
register: _nomad_random_base64_string
- name: "Generate nomad gossip encryption key"
ansible.builtin.set_fact:
_nomad_gossip_encryption_key: "{{ _nomad_random_base64_string.stdout }}"
- name: "Generate nomad root credentials" - name: "Generate nomad root credentials"
ansible.builtin.set_fact: ansible.builtin.set_fact: