Remove bootstrapping values from setup playbook

This will be done in another playbook
This commit is contained in:
IamTheFij 2022-09-16 16:43:45 -07:00
parent fbacdb2699
commit b9ea8eb0a2

View File

@ -61,22 +61,6 @@
# If DNS is broken after dnsmasq, then need to set /etc/resolv.conf to something # If DNS is broken after dnsmasq, then need to set /etc/resolv.conf to something
# pointing to 127.0.0.1 and possibly restart Docker and Nomad # pointing to 127.0.0.1 and possibly restart Docker and Nomad
- name: Add values
delegate_to: localhost
run_once: true
block:
- name: Install python-consul
pip:
name: python-consul
extra_args: --index-url https://pypi.org/simple
- name: Write values
consul_kv:
host: "{{ inventory_hostname }}"
key: "{{ item.key }}"
value: "{{ item.value }}"
loop: "{{ consul_values | default({}) | dict2items }}"
- name: Setup Vault cluster - name: Setup Vault cluster
hosts: vault_instances hosts: vault_instances
@ -155,29 +139,6 @@
- unseal_keys_hex is defined - unseal_keys_hex is defined
- vault_status.json["sealed"] - vault_status.json["sealed"]
- name: Bootstrap Vault secrets
delegate_to: localhost
run_once: true
block:
- name: Install hvac
pip:
name: hvac
extra_args: --index-url https://pypi.org/simple
# TODO: This fails on first run because `root_token` isn't found
# Fails after taht too because the kv/ space has not been created yet either! Oh noes!
# Maybe move data bootstrapping to after the cluster is bootstrapped
- name: Write values
no_log: true
community.hashi_vault.vault_write:
url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}"
path: "kv/data/{{ item.key }}"
data:
data:
"{{ item.value }}"
loop: "{{ hashi_vault_values | default({}) | dict2items }}"
# Not on Ubuntu 20.04 # Not on Ubuntu 20.04
# - name: Install Podman # - name: Install Podman
# hosts: nomad_instances # hosts: nomad_instances