Fix consul value bootstrap and hide secrets in log

This commit is contained in:
IamTheFij 2022-07-27 11:11:03 -07:00
parent 594609db64
commit 5e1b679cbb
2 changed files with 4 additions and 6 deletions

View File

@ -6,6 +6,7 @@
vars_files: vars_files:
- consul_values.yml - consul_values.yml
tasks:
- name: Add values - name: Add values
delegate_to: localhost delegate_to: localhost
run_once: true run_once: true
@ -15,12 +16,6 @@
name: python-consul name: python-consul
extra_args: --index-url https://pypi.org/simple extra_args: --index-url https://pypi.org/simple
- name: Set hostname
consul_kv:
host: "{{ inventory_hostname }}"
key: global/base_hostname
value: dev.homelab
- name: Write values - name: Write values
consul_kv: consul_kv:
host: "{{ inventory_hostname }}" host: "{{ inventory_hostname }}"
@ -49,6 +44,7 @@
# Fails after taht too because the kv/ space has not been created yet either! Oh noes! # Fails after taht too because the kv/ space has not been created yet either! Oh noes!
# Maybe move data bootstrapping to after the cluster is bootstrapped # Maybe move data bootstrapping to after the cluster is bootstrapped
- name: Write values - name: Write values
no_log: true
community.hashi_vault.vault_write: community.hashi_vault.vault_write:
url: "http://{{ inventory_hostname }}:8200" url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}" token: "{{ root_token }}"
@ -59,6 +55,7 @@
loop: "{{ hashi_vault_values | default({}) | dict2items }}" loop: "{{ hashi_vault_values | default({}) | dict2items }}"
- name: Write userpass - name: Write userpass
no_log: true
community.hashi_vault.vault_write: community.hashi_vault.vault_write:
url: "http://{{ inventory_hostname }}:8200" url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}" token: "{{ root_token }}"

View File

@ -176,6 +176,7 @@
# Fails after taht too because the kv/ space has not been created yet either! Oh noes! # Fails after taht too because the kv/ space has not been created yet either! Oh noes!
# Maybe move data bootstrapping to after the cluster is bootstrapped # Maybe move data bootstrapping to after the cluster is bootstrapped
- name: Write values - name: Write values
no_log: true
community.hashi_vault.vault_write: community.hashi_vault.vault_write:
url: "http://{{ inventory_hostname }}:8200" url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}" token: "{{ root_token }}"