From d5677c4891a45ff426d6592dbdfa7a459e7fdcbf Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Tue, 1 Nov 2022 20:37:56 +0100
Subject: [PATCH] add debian compatibility

---
 tasks/main.yml          | 14 ++++++++++++++
 templates/config.hcl.j2 |  3 +++
 vars/Debian.yml         |  9 +++++++++
 3 files changed, 26 insertions(+)
 create mode 100644 vars/Debian.yml

diff --git a/tasks/main.yml b/tasks/main.yml
index 7e49074..23d9d11 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,6 +14,20 @@
     mode: 0644
   when: ansible_os_family == "RedHat"
 
+- name: Add Vault/Hashicorp apt key
+  apt_key:
+    url: "{{ vault_debian_repository_key_url }}"
+    state: present
+  become: true
+  when: ansible_pkg_mgr == 'apt'
+
+- name: Add Vault/Hashicorp apt repo
+  apt_repository:
+    repo: "deb {{ vault_debian_repository_url }} {{ ansible_distribution_release }} main"
+    state: present
+  become: true
+  when: ansible_pkg_mgr == 'apt'
+
 - name: install package
   package:
     name: "{{ vault_os_package }}"
diff --git a/templates/config.hcl.j2 b/templates/config.hcl.j2
index db64324..3776e5c 100644
--- a/templates/config.hcl.j2
+++ b/templates/config.hcl.j2
@@ -9,3 +9,6 @@ address     = "{{ vault_listener_address}}:8200"
   tls_disable = 1
 }
 ui= true
+{% if ansible_virtualization_type == 'lxc' %}
+disable_mlock = true
+{%endif%}
diff --git a/vars/Debian.yml b/vars/Debian.yml
new file mode 100644
index 0000000..a6447e3
--- /dev/null
+++ b/vars/Debian.yml
@@ -0,0 +1,9 @@
+---
+vault_os_package:
+  - vault
+
+vault_os_service: vault
+
+vault_config_path: "/etc/vault.d/vault.hcl"
+vault_debian_repository_url: "https://apt.releases.hashicorp.com"
+vault_debian_repository_key_url: "{{ vault_debian_repository_url }}/gpg"