ansible-roles/ansible-hashicorp-vault
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
70c820f3b4
ansible-hashicorp-vault/defaults/main.yml
vincent 70c820f3b4 fix: add port to default raft peer
2024-02-04 21:30:47 +01:00

34 lines
1.2 KiB
YAML
Raw Blame History

---
vault_listener_address: 0.0.0.0
vault_iface: "{{ lookup('env', 'VAULT_IFACE') | default(ansible_default_ipv4.interface, true) }}"
vault_port: 8200
vault_protocol: "http"
vault_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}"
vault_cluster_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}:{{ (vault_port | int) + 1 }}"
vault_cluster_addr: "{{ vault_protocol }}://{{ vault_cluster_address }}"
vault_api_addr: "{{ vault_protocol }}://{{ vault_redirect_address | default(hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address']) }}:{{ vault_port }}"
vault_tls_disable: true
# vault backup variable
vault_snapshot: false
vault_backup_location: /tmp
vault_cron_hour: 1
vault_roleid: ''
vault_secretid: ''
vault_unseal_keys_dir_output: "~/vaultUnseal"
vault_unseal_token: ""
vault_raft_group_name: "vault_raft_servers"
vault_raft_cluster_members: |
[
{% for server in groups[vault_raft_group_name] %}
{
"peer": "{{ server }}",
"api_addr": "{{ hostvars[server]['vault_api_addr'] |
default( vault_protocol + '://' + hostvars[server]['ansible_' + hostvars[server]['vault_iface']]['ipv4']['address']+ ':' + vault_port|string ) }}"
},
{% endfor %}
]
Reference in New Issue View Git Blame Copy Permalink