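---
# Seeds Consul KV and HashiCorp Vault with initial values. Every task is
# delegated to the controller (localhost) and runs once per play; the
# inventory host only supplies the address of the service to talk to.

- name: Bootstrap Consul values
  hosts: consul_instances
  gather_facts: false
  vars_files:
    - consul_values.yml
  tasks:
    - name: Add values
      delegate_to: localhost
      run_once: true
      block:
        # NOTE(review): the package is unpinned, so each run installs
        # whatever version the index serves into the controller's Python.
        # Pin a reviewed version (ideally with hashes, via a requirements
        # file) so bootstrap runs are reproducible.
        - name: Install python-consul
          pip:
            name: python-consul
            extra_args: --index-url https://pypi.org/simple

        # One KV entry per item of consul_values; an undefined variable
        # degrades to an empty loop instead of failing the play.
        # NOTE(review): no ACL token and no no_log here - confirm that
        # consul_values never carries sensitive data.
        - name: Write values
          consul_kv:
            host: "{{ inventory_hostname }}"
            key: "{{ item.key }}"
            value: "{{ item.value }}"
          loop: "{{ consul_values | default({}) | dict2items }}"

- name: Bootstrap value values
  hosts: vault_instances
  gather_facts: false
  vars_files:
    - ./vault_hashi_vault_values.yml
  tasks:
    # NOTE(review): every Vault call below uses plain http:// and the root
    # token, so the token and all secret payloads cross the network
    # unencrypted. Point these URLs at a TLS listener where one exists, and
    # prefer a short-lived token scoped to the paths written here.
    - name: Bootstrap Vault secrets
      delegate_to: localhost
      run_once: true
      block:
        # NOTE(review): unpinned, same concern as python-consul above.
        - name: Install hvac
          pip:
            name: hvac
            extra_args: --index-url https://pypi.org/simple

        # Probe for an existing "kv" mount. ignore_errors hides every kind
        # of failure (bad token, unreachable host), not only "mount
        # missing"; those cases then surface in the next task instead.
        - name: Check mount
          community.hashi_vault.vault_read:
            url: "http://{{ inventory_hostname }}:8200"
            token: "{{ root_token }}"
            path: "/sys/mounts/kv"
          ignore_errors: true
          register: check_mount

        # Runs only when the probe above did not succeed.
        - name: Create kv mount
          community.hashi_vault.vault_write:
            url: "http://{{ inventory_hostname }}:8200"
            token: "{{ root_token }}"
            path: "/sys/mounts/kv"
            data:
              type: kv-v2
          when: check_mount is not succeeded

        # kv-v2 expects the secret wrapped in a "data" key, hence the
        # nested data.data. no_log keeps secret values out of task output.
        # NOTE(review): there is no `until:` next to retries/delay; some
        # ansible-core releases ignore retries without it - TODO confirm.
        - name: Write values
          no_log: true
          community.hashi_vault.vault_write:
            url: "http://{{ inventory_hostname }}:8200"
            token: "{{ root_token }}"
            path: "kv/data/{{ item.key }}"
            data:
              data: "{{ item.value }}"
          loop: "{{ hashi_vault_values | default({}) | dict2items }}"
          retries: 2
          delay: 10

        # The payload is a real mapping rather than a hand-built JSON
        # string: a password containing a double quote or backslash would
        # otherwise corrupt the document or add unintended fields.
        # `| string` keeps the password a string, as the quoted JSON form
        # did. policies is passed through as defined (string or list).
        # Assumes the userpass auth method is already enabled; nothing in
        # this playbook enables it.
        - name: Write userpass
          no_log: true
          community.hashi_vault.vault_write:
            url: "http://{{ inventory_hostname }}:8200"
            token: "{{ root_token }}"
            path: "auth/userpass/users/{{ item.name }}"
            data:
              password: "{{ item.password | string }}"
              policies: "{{ item.policies }}"
          # Default to an empty list, matching the other loops in this file.
          loop: "{{ vault_userpass | default([]) }}"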