Remove bootstrapping values from setup playbook
This will be done in another playbook
parent
fbacdb2699
commit
b9ea8eb0a2
@ -61,22 +61,6 @@
|
|||||||
# If DNS is broken after dnsmasq, then need to set /etc/resolv.conf to something
|
# If DNS is broken after dnsmasq, then need to set /etc/resolv.conf to something
|
||||||
# pointing to 127.0.0.1 and possibly restart Docker and Nomad
|
# pointing to 127.0.0.1 and possibly restart Docker and Nomad
|
||||||
|
|
||||||
- name: Add values
|
|
||||||
delegate_to: localhost
|
|
||||||
run_once: true
|
|
||||||
block:
|
|
||||||
- name: Install python-consul
|
|
||||||
pip:
|
|
||||||
name: python-consul
|
|
||||||
extra_args: --index-url https://pypi.org/simple
|
|
||||||
|
|
||||||
- name: Write values
|
|
||||||
consul_kv:
|
|
||||||
host: "{{ inventory_hostname }}"
|
|
||||||
key: "{{ item.key }}"
|
|
||||||
value: "{{ item.value }}"
|
|
||||||
loop: "{{ consul_values | default({}) | dict2items }}"
|
|
||||||
|
|
||||||
- name: Setup Vault cluster
|
- name: Setup Vault cluster
|
||||||
hosts: vault_instances
|
hosts: vault_instances
|
||||||
|
|
||||||
@ -155,29 +139,6 @@
|
|||||||
- unseal_keys_hex is defined
|
- unseal_keys_hex is defined
|
||||||
- vault_status.json["sealed"]
|
- vault_status.json["sealed"]
|
||||||
|
|
||||||
- name: Bootstrap Vault secrets
|
|
||||||
delegate_to: localhost
|
|
||||||
run_once: true
|
|
||||||
block:
|
|
||||||
- name: Install hvac
|
|
||||||
pip:
|
|
||||||
name: hvac
|
|
||||||
extra_args: --index-url https://pypi.org/simple
|
|
||||||
|
|
||||||
# TODO: This fails on first run because `root_token` isn't found
|
|
||||||
# Fails after taht too because the kv/ space has not been created yet either! Oh noes!
|
|
||||||
# Maybe move data bootstrapping to after the cluster is bootstrapped
|
|
||||||
- name: Write values
|
|
||||||
no_log: true
|
|
||||||
community.hashi_vault.vault_write:
|
|
||||||
url: "http://{{ inventory_hostname }}:8200"
|
|
||||||
token: "{{ root_token }}"
|
|
||||||
path: "kv/data/{{ item.key }}"
|
|
||||||
data:
|
|
||||||
data:
|
|
||||||
"{{ item.value }}"
|
|
||||||
loop: "{{ hashi_vault_values | default({}) | dict2items }}"
|
|
||||||
|
|
||||||
# Not on Ubuntu 20.04
|
# Not on Ubuntu 20.04
|
||||||
# - name: Install Podman
|
# - name: Install Podman
|
||||||
# hosts: nomad_instances
|
# hosts: nomad_instances
|
||||||
|