renew_vault_certificates/README.md
2023-04-16 22:26:14 +02:00

1.5 KiB

Renew vault certificates

This repository is only a mirror. Development and testing is done on a private gitlab server.

This role install consul-template and configure a service to automate renewal of TLS certificates for Hashicorp Vault on debian-based distributions.

Requirements

None.

Role Variables

Available variables are listed below, along with default values. A sample file for the default values is available in default/hashicorp_vault.yml.sample in case you need it for any group_vars or host_vars configuration.

hashi_vault_install: true # by default, set to true

This variable defines if the vault package is to be installed or not before configuring. If you install vault using another task, you can set this to false.

Dependencies

This role has a task that installs its own dependencies located in task/prerequisites.yml, so that you don't need to manage them. This role requires both ednxzu.manage_repositories and ednxzu.manage_apt_packages to install vault.

Example Playbook

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

# calling the role inside a playbook with either the default or group_vars/host_vars
- hosts: servers
  roles:
    - ednxzu.hashicorp_vault

License

MIT / BSD

Author Information

This role was created by Bertrand Lanson in 2023.