ansible-hashicorp-vault/defaults/main.yml

34 lines
1.2 KiB
YAML
Raw Normal View History

2022-03-26 09:10:21 +00:00
---
2022-03-26 09:20:10 +00:00
vault_listener_address: 0.0.0.0
vault_iface: "{{ lookup('env', 'VAULT_IFACE') | default(ansible_default_ipv4.interface, true) }}"
2023-10-29 14:39:20 +00:00
vault_port: 8200
vault_protocol: "http"
vault_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}"
vault_cluster_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}:{{ (vault_port | int) + 1 }}"
vault_cluster_addr: "{{ vault_protocol }}://{{ vault_cluster_address }}"
vault_api_addr: "{{ vault_protocol }}://{{ vault_redirect_address | default(hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address']) }}:{{ vault_port }}"
2023-10-29 14:39:20 +00:00
vault_tls_disable: true
2023-08-27 14:54:22 +00:00
# vault backup variable
vault_snapshot: false
vault_backup_location: /tmp
vault_cron_hour: 1
2023-10-29 14:39:20 +00:00
vault_roleid: ''
vault_secretid: ''
vault_unseal_keys_dir_output: "~/vaultUnseal"
vault_unseal_token: ""
vault_raft_group_name: "vault_raft_servers"
vault_raft_cluster_members: |
[
{% for server in groups[vault_raft_group_name] %}
{
"peer": "{{ server }}",
"api_addr": "{{ hostvars[server]['vault_api_addr'] |
2024-02-04 20:30:47 +00:00
default( vault_protocol + '://' + hostvars[server]['ansible_' + hostvars[server]['vault_iface']]['ipv4']['address']+ ':' + vault_port|string ) }}"
},
{% endfor %}
]