---
# task/configure file for hashicorp_vault
# Delete vault.hcl (the "default" one, per the task name) so it no longer sits
# in /etc/vault.d.
# NOTE(review): this path is hard-coded, whereas the other tasks in this file
# build their paths from hashi_vault_config_dir - confirm that is intended.
- name: 'Ensure default vault.hcl is removed'
  ansible.builtin.file:
    state: absent
    path: '/etc/vault.d/vault.hcl'
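# Render vault.json.j2 to vault.json inside hashi_vault_config_dir, owned by
# the Vault service account and readable/writable by that owner only.
- name: "Copy vault.json template"
  ansible.builtin.template:
    src: vault.json.j2
    dest: "{{ hashi_vault_config_dir }}/vault.json"
    owner: "{{ hashi_vault_user }}"
    group: "{{ hashi_vault_group }}"
    # Quoted so the mode is passed as a string rather than parsed as a number.
    mode: '0600'
  # The file is written 0600, i.e. treated as sensitive. Without this, a run
  # with --diff prints the rendered content to the terminal and CI logs.
  # Drop this line if the rendered config is known to hold no secrets.
  diff: false
  # Both handlers are referenced by name only; they are expected to be defined
  # elsewhere in the role.
  notify:
    - "systemctl-enable-vault"
    - "systemctl-restart-vault"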
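# Render vault.env.j2 to vault.env inside hashi_vault_config_dir, owned by the
# Vault service account and readable/writable by that owner only.
# NOTE(review): unlike the vault.json task, this one notifies no handler, so a
# changed vault.env does not restart the service from here - confirm that this
# is deliberate.
- name: "Create vault.env"
  ansible.builtin.template:
    src: vault.env.j2
    dest: "{{ hashi_vault_config_dir }}/vault.env"
    owner: "{{ hashi_vault_user }}"
    group: "{{ hashi_vault_group }}"
    # Quoted so the mode is passed as a string rather than parsed as a number.
    mode: '0600'
  # The file is written 0600, i.e. treated as sensitive. Without this, a run
  # with --diff prints the rendered content to the terminal and CI logs.
  # Drop this line if the rendered file is known to hold no secrets.
  diff: false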
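# Optional step: create the destination directory and render every file found
# under hashi_vault_extra_files_src into it. The whole block is skipped unless
# hashi_vault_extra_files evaluates as true.
# NOTE(review): presumably hashi_vault_extra_files is a boolean flag - verify
# against the role defaults.
- name: "Copy extra configuration files"
  when: hashi_vault_extra_files
  block:
    - name: "Create directory {{ hashi_vault_extra_files_dst }}"
      ansible.builtin.file:
        path: "{{ hashi_vault_extra_files_dst }}"
        state: directory
        owner: "{{ hashi_vault_user }}"
        group: "{{ hashi_vault_group }}"
        # NOTE(review): 0755 lets any local user list the file names in this
        # directory, although the files themselves are written 0600 below.
        # Consider '0750' if nothing outside the Vault group must traverse it.
        mode: '0755'

    - name: "Copy extra configuration files"
      ansible.builtin.template:
        src: "{{ item }}"
        # Strip only the last extension (e.g. a trailing .j2) from the source
        # file name. splitext keeps a name without any extension intact; the
        # previous split('.')[:-1] form reduced such a name to an empty string,
        # leaving dest ending in '/'.
        dest: "{{ hashi_vault_extra_files_dst }}/{{ item | basename | splitext | first }}"
        owner: "{{ hashi_vault_user }}"
        group: "{{ hashi_vault_group }}"
        mode: '0600'
      # Files are written 0600, i.e. treated as sensitive. Without this, a run
      # with --diff prints the rendered content to the terminal and CI logs.
      diff: false
      # One iteration per file matched on the control node.
      with_fileglob:
        - "{{ hashi_vault_extra_files_src }}/*"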