52 lines
1.2 KiB
YAML
52 lines
1.2 KiB
YAML
---
|
|
- name: Include OS-specific variables
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- files:
|
|
- "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
|
|
- "{{ ansible_os_family }}.yml"
|
|
- name: add hashicorp repo
|
|
get_url:
|
|
url: "https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo"
|
|
dest: '/etc/yum.repos.d/hashicorp.repo'
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Add Vault/Hashicorp apt key
|
|
apt_key:
|
|
url: "{{ vault_debian_repository_key_url }}"
|
|
state: present
|
|
become: true
|
|
when: ansible_pkg_mgr == 'apt'
|
|
|
|
- name: Add Vault/Hashicorp apt repo
|
|
apt_repository:
|
|
repo: "deb {{ vault_debian_repository_url }} {{ ansible_distribution_release }} main"
|
|
state: present
|
|
become: true
|
|
when: ansible_pkg_mgr == 'apt'
|
|
|
|
- name: install package
|
|
package:
|
|
name: "{{ vault_os_package }}"
|
|
state: present
|
|
|
|
- name: apply config template
|
|
block:
|
|
- name: server template
|
|
template:
|
|
src: config.hcl.j2
|
|
dest: "{{vault_config_path}}"
|
|
owner: vault
|
|
group: vault
|
|
mode: 0400
|
|
notify: restart vault
|
|
|
|
- name: ensure service is started
|
|
systemd:
|
|
name: "{{ vault_os_service }}"
|
|
state: started
|
|
enabled: True
|