From 85fccea867ae6538f0b4cd70824992af0df28d32 Mon Sep 17 00:00:00 2001 From: Ian Fijolek Date: Wed, 27 Jul 2022 11:11:03 -0700 Subject: [PATCH] Fix consul value bootstrap and hide secrets in log --- nomad/bootstrap-values.yml | 9 +++------ nomad/setup-cluster.yml | 1 + 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/nomad/bootstrap-values.yml b/nomad/bootstrap-values.yml index 135ef41..f1c40f0 100644 --- a/nomad/bootstrap-values.yml +++ b/nomad/bootstrap-values.yml @@ -6,6 +6,7 @@ vars_files: - consul_values.yml + tasks: - name: Add values delegate_to: localhost run_once: true @@ -15,12 +16,6 @@ name: python-consul extra_args: --index-url https://pypi.org/simple - - name: Set hostname - consul_kv: - host: "{{ inventory_hostname }}" - key: global/base_hostname - value: dev.homelab - - name: Write values consul_kv: host: "{{ inventory_hostname }}" @@ -49,6 +44,7 @@ # Fails after taht too because the kv/ space has not been created yet either! Oh noes! # Maybe move data bootstrapping to after the cluster is bootstrapped - name: Write values + no_log: true community.hashi_vault.vault_write: url: "http://{{ inventory_hostname }}:8200" token: "{{ root_token }}" @@ -59,6 +55,7 @@ loop: "{{ hashi_vault_values | default({}) | dict2items }}" - name: Write userpass + no_log: true community.hashi_vault.vault_write: url: "http://{{ inventory_hostname }}:8200" token: "{{ root_token }}" diff --git a/nomad/setup-cluster.yml b/nomad/setup-cluster.yml index 29afbb6..92a1649 100644 --- a/nomad/setup-cluster.yml +++ b/nomad/setup-cluster.yml @@ -176,6 +176,7 @@ # Fails after taht too because the kv/ space has not been created yet either! Oh noes! # Maybe move data bootstrapping to after the cluster is bootstrapped - name: Write values + no_log: true community.hashi_vault.vault_write: url: "http://{{ inventory_hostname }}:8200" token: "{{ root_token }}"