ansible-collections/hcp-ansible
ansible-collections/hcp-ansible
4
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
20344bdebe
hcp-ansible/roles/vault/vars/main.yml
Bertrand Lanson 20344bdebe
All checks were successful
development / Check commit compliance (push) Successful in 25s
Details
pull-requests-open / Check commit compliance (pull_request) Successful in 8s
Details
test / Retrieve Credentials (pull_request) Successful in 32s
Details
test / end_to_end_consul (consul_default, debian11) (pull_request) Successful in 3m33s
Details
test / end_to_end_consul (consul_default, debian12) (pull_request) Successful in 3m32s
Details
test / end_to_end_consul (consul_default, ubuntu2004) (pull_request) Successful in 3m45s
Details
test / end_to_end_consul (consul_default, ubuntu2204) (pull_request) Successful in 1m35s
Details
test / end_to_end_consul (consul_default, ubuntu2404) (pull_request) Successful in 1m34s
Details
test / end_to_end_consul (consul_with_acl_enabled, debian11) (pull_request) Successful in 1m23s
Details
test / end_to_end_consul (consul_with_acl_enabled, debian12) (pull_request) Successful in 1m36s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2204) (pull_request) Successful in 1m33s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2004) (pull_request) Successful in 1m47s
Details
test / end_to_end_nomad (nomad_default, debian11) (pull_request) Successful in 1m6s
Details
test / end_to_end_nomad (nomad_default, debian12) (pull_request) Successful in 1m8s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2404) (pull_request) Successful in 1m33s
Details
test / end_to_end_nomad (nomad_default, ubuntu2004) (pull_request) Successful in 1m13s
Details
test / end_to_end_nomad (nomad_default, ubuntu2404) (pull_request) Successful in 1m15s
Details
test / end_to_end_nomad (nomad_default, ubuntu2204) (pull_request) Successful in 1m31s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, debian11) (pull_request) Successful in 1m7s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, debian12) (pull_request) Successful in 1m9s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2004) (pull_request) Successful in 1m15s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2204) (pull_request) Successful in 1m12s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2404) (pull_request) Successful in 1m17s
Details
test / end_to_end_vault (vault_default, debian11) (pull_request) Successful in 1m32s
Details
test / end_to_end_vault (vault_default, debian12) (pull_request) Successful in 1m39s
Details
test / end_to_end_vault (vault_default, ubuntu2004) (pull_request) Successful in 1m36s
Details
test / end_to_end_vault (vault_default, ubuntu2204) (pull_request) Successful in 1m24s
Details
test / end_to_end_vault (vault_default, ubuntu2404) (pull_request) Successful in 1m41s
Details
test / end_to_end_vault (vault_with_raft_enabled, debian11) (pull_request) Successful in 1m23s
Details
test / end_to_end_vault (vault_with_raft_enabled, debian12) (pull_request) Successful in 1m24s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2004) (pull_request) Successful in 1m28s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2204) (pull_request) Successful in 1m30s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2404) (pull_request) Successful in 1m32s
Details
feat: add automatic reload of vault service for certificate reloading 
This feature adds logic to automatically reload the vault service if tls is
enbabled and the certificates have changed. This only tracks certificates copied
by the extra_files logic.
2024-11-10 17:07:14 +01:00

43 lines
1.4 KiB
YAML
Raw Blame History

---
# vars file for vault
vault_user: "vault"
vault_group: "vault"
vault_binary_path: /usr/local/bin/vault
vault_deb_architecture_map:
x86_64: "amd64"
aarch64: "arm64"
armv7l: "arm"
armv6l: "arm"
vault_architecture: "{{ vault_deb_architecture_map[ansible_architecture] | default(ansible_architecture) }}"
vault_service_name: "vault"
vault_github_api: https://api.github.com/repos
vault_github_project: hashicorp/vault
vault_github_url: https://github.com
vault_repository_url: https://releases.hashicorp.com/vault
vault_certificates_reload_watchlist: |
{% filter trim %}
{% set watchlist = [] %}
{% for listener in vault_configuration.listener %}
{% if listener.get('tcp') %}
{% for key in ['tls_key_file', 'tls_cert_file', 'tls_client_ca_file'] %}
{% if listener['tcp'].get(key) %}
{{ watchlist.append(listener['tcp'][key]) }}
{% endif %}
{% endfor %}
{% endif %}
{% endfor %}
{{ watchlist | unique }}
{% endfilter %}
vault_configuration:
cluster_name: "{{ vault_cluster_name }}"
cluster_addr: "{{ 'https' if vault_enable_tls else 'http'}}://{{ vault_cluster_addr }}:8201"
api_addr: "{{ 'https' if vault_enable_tls else 'http'}}://{{ vault_cluster_addr }}:8200"
ui: "{{ vault_enable_ui }}"
disable_mlock: "{{ vault_disable_mlock }}"
disable_cache: "{{ vault_disable_cache }}"
listener: "{{ vault_listener_configuration }}"
storage: "{{ vault_storage_configuration }}"
Reference in New Issue View Git Blame Copy Permalink