feat(vault): separated vault binary install and service configuration; use provisioner artifacts directory to store HC vault setup information; set group level HC vault instance info

2024-09-23 00:00:00 +00:00 · 2024-09-23 00:00:00 +00:00 · c3305093e4
commit c3305093e4
parent b6695cf49c
6 changed files with 69 additions and 62 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/vault/tasks/initialize.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/vault/tasks/initialize.yml
@ -17,19 +17,19 @@
 - name: set init data filename
  no_log: true
  ansible.builtin.set_fact:
-    hc_vault_init_data_filename: "{{ hc_vault_init_data_filepath | default('/tmp', True) }}/vault_{{ ansible_facts['fqdn'] }}_init.yml"
+    hc_vault_init_data_filename: "{{ hc_vault_init_data_filepath | default(provisioner_facts.artifacts_dir, True) }}/hashicorp_vault_{{ ansible_facts['fqdn'] }}_init.yml"

 - name: save initialization data
  connection: local
  no_log: true
-  block:
-    - name: save content to temp file
-      ansible.builtin.copy:
-        content: '{{ init_data.stdout }}'
-        dest: '{{ hc_vault_init_data_filename }}'
-        mode: '0600'
-        owner: "{{ ansible_facts['user_id'] }}"
-        group: "{{ ansible_facts['user_id'] }}"
+  ansible.builtin.copy:
+    content: '{{ init_data.stdout }}'
+    dest: '{{ hc_vault_init_data_filename }}'
+    mode: '0600'
+    owner: "{{ ansible_facts['user_id'] }}"
+    group: "{{ ansible_facts['user_id'] }}"
+  vars:
+    ansible_python_interpreter: /usr/bin/python3

 - name: print init data file location
  no_log: true