48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
---
|
|
|
|
- name: Install systemd unit
|
|
template: src=vault-agent.service.j2 dest=/etc/systemd/system/vault-agent.service
|
|
register: vault_agent_unit
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Install Nomad templates
|
|
template: src=nomad/{{ item }}.j2 dest={{ vault_agent_root_dir }}/templates/nomad/{{ item }}
|
|
loop:
|
|
- vault.env.tpl
|
|
- agent_bundle.pem.tpl
|
|
- cli_bundle.pem.tpl
|
|
- consul_bundle.pem.tpl
|
|
- consul.env.tpl
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Install Consul templates
|
|
template: src=consul/{{ item }}.j2 dest={{ vault_agent_root_dir }}/templates/consul/{{ item }}
|
|
loop:
|
|
- agent_bundle.pem.tpl
|
|
notify: restart vault-agent
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Create tmpfile fragment
|
|
copy:
|
|
content: |
|
|
d /run/vault_agent 770 root root
|
|
dest: /etc/tmpfiles.d/vault-agent.conf
|
|
register: vault_tmpfiles
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Create tmpfiles
|
|
command: systemd-tmpfiles --create
|
|
when: vault_tmpfiles.changed
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Reload systemd
|
|
systemd: daemon_reload=True
|
|
when: vault_agent_unit.changed
|
|
tags: vault,consul,nomad
|
|
|
|
- name: Install Nomad API access updater
|
|
template: src=nomad/update_nomad_cert.sh.j2 dest={{ vault_agent_root_dir }}/bin/update_nomad_cert.sh mode=755
|
|
tags: vault,consul,nomad
|