68 lines
1.5 KiB
YAML
Executable File
68 lines
1.5 KiB
YAML
Executable File
---
|
|
- name: setup vault group
|
|
group:
|
|
name: "{{ vault_usr }}"
|
|
state: "present"
|
|
|
|
- name: setup vault user
|
|
user:
|
|
name: "{{ vault_usr }}"
|
|
group: "{{ vault_grp }}"
|
|
groups:
|
|
- "{{ vault_grp }}"
|
|
comment: Virtual Vault User
|
|
shell: /sbin/nologin
|
|
state: present
|
|
|
|
- name: setup vault directories
|
|
file:
|
|
state: directory
|
|
path: "{{ item }}"
|
|
owner: "{{ vault_usr }}"
|
|
group: "{{ vault_grp }}"
|
|
mode: 0750
|
|
loop:
|
|
- "{{ vault_inst }}"
|
|
- "{{ vault_home }}"
|
|
- "{{ vault_log }}"
|
|
|
|
- name: setup vault installation link
|
|
file:
|
|
state: link
|
|
src: "{{ vault_inst }}"
|
|
dest: "{{ vault_link }}"
|
|
owner: "{{ vault_usr }}"
|
|
group: "{{ vault_grp }}"
|
|
mode: 0750
|
|
|
|
- name: download vault and unarchive
|
|
unarchive:
|
|
src: "{{ vault_source }}/{{ vault_version }}/vault_{{ vault_version }}_{{ vault_arch }}.zip"
|
|
dest: "{{ vault_link }}"
|
|
remote_src: yes
|
|
owner: "{{ vault_usr }}"
|
|
group: "{{ vault_grp }}"
|
|
mode: "o-rwx"
|
|
creates: "{{ vault_link }}/vault"
|
|
|
|
- name: setup vault config
|
|
template:
|
|
src: opt/vault/vault.conf.hcl.j2
|
|
dest: "{{ vault_home }}/vault.conf.hcl"
|
|
owner: "{{ vault_usr }}"
|
|
group: "{{ vault_grp }}"
|
|
notify: restart vault
|
|
|
|
- name: setup vault systemd unit
|
|
template:
|
|
src: etc/systemd/system/vault.service.j2
|
|
dest: /etc/systemd/system/vault.service
|
|
notify: restart vault
|
|
|
|
- name: enable vault systemd unit
|
|
systemd:
|
|
name: vault
|
|
enabled: yes
|
|
daemon_reload: yes
|
|
state: started
|