Update to 2023-07-11 23:00

roles/vault_agent/tasks/conf.yml

@@ -18,16 +18,16 @@
     - copy: content={{ vault_agent_approle_role_id }} dest={{ vault_agent_root_dir }}/auth/role_id owner=root group=root mode=600
     - copy: content={{ vault_agent_approle_secret_id }} dest={{ vault_agent_root_dir }}/auth/secret_id owner=root group=root mode=600
     - file: path={{ vault_agent_root_dir }}/auth/token state=absent
-  when:
-    - vault_agent_auth == 'approle'
-  tags: nomad
+  when: vault_agent_auth == 'approle'
+  notify: restart vault-agent
+  tags: vault,consul,nomad
 
 - name: Setup Token auth
   block:
     - copy: content={{ vault_agent_token }} dest={{ vault_agent_root_dir }}/auth/token owner=root group=root mode=640
     - file: path={{ vault_agent_root_dir }}/auth/role_id state=absent
     - file: path={{ vault_agent_root_dir }}/auth/secret_id state=absent
-  when:
-    - vault_agent_auth == 'token'
-  tags: nomad
+  when: vault_agent_auth == 'token'
+  notify: restart vault-agent
+  tags: vault,consul,nomad
 

roles/vault_agent/templates/consul/agent_bundle.pem.tpl.j2

@@ -7,8 +7,7 @@
 [[ .CA | writeToFile "{{ consul_conf.tls.defaults.cert_file }}" "" "" "0644" "append,newline" ]]
 [[ .Key | writeToFile "{{ consul_conf.tls.defaults.key_file }}" "root" "{{ consul_user }}" "0640" ]]
 [[ end ]]
-{% else %}
+{% endif %}
 [[ with secret "{{ vault_agent_consul.consul_pki.path }}/cert/ca_chain" ]]
 [[ .Data.certificate | writeToFile "{{ consul_conf.tls.defaults.ca_file }}" "root" "{{ consul_user }}" "0644" ]]
 [[ end ]]
-{% endif %}