2017-01-14 04:31:10 +08:00
|
|
|
---
|
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: ../shared/check_vault.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: ../shared/check_etcd.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
|
|
|
|
2017-01-14 04:31:10 +08:00
|
|
|
## Vault Cluster Setup
|
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: configure.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: binary.yml
|
|
|
|
when: inventory_hostname in groups.vault and vault_deployment_type == "host"
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: systemd.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-01-14 04:31:10 +08:00
|
|
|
- include: init.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-01-14 04:31:10 +08:00
|
|
|
- include: unseal.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: ../shared/find_leader.yml
|
|
|
|
when: inventory_hostname in groups.vault
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: ../shared/pki_mount.yml
|
|
|
|
when: inventory_hostname == groups.vault|first
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: ../shared/config_ca.yml
|
2017-01-14 04:31:10 +08:00
|
|
|
vars:
|
2017-02-09 05:41:36 +08:00
|
|
|
ca_name: ca
|
|
|
|
mount_name: pki
|
|
|
|
when: inventory_hostname == groups.vault|first
|
2017-01-14 04:31:10 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
## Vault Policies, Roles, and Auth Backends
|
2017-01-14 04:31:10 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: role_auth_cert.yml
|
|
|
|
when: vault_role_auth_method == "cert"
|
2017-02-18 05:22:34 +08:00
|
|
|
|
2017-02-09 05:41:36 +08:00
|
|
|
- include: role_auth_userpass.yml
|
|
|
|
when: vault_role_auth_method == "userpass"
|