feat(vault): add a HashiCorp Vault role

2024-06-26 00:00:00 +00:00 · 2024-06-26 00:00:00 +00:00 · ddf406fd37
commit ddf406fd37
parent 688bdae6a1
17 changed files with 477 additions and 0 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/vault/handlers/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/vault/handlers/main.yml
@ -0,0 +1,20 @@
+---
+- name: 'reload vault service'
+  become: true
+  ansible.builtin.systemd_service:
+    name: vault.service
+    enabled: true
+    state: reloaded
+
+- name: 'restart vault service'
+  become: true
+  ansible.builtin.systemd_service:
+    name: vault.service
+    daemon_reload: true
+    enabled: true
+    state: restarted
+
+- name: 'load firewall rules'
+  become: true
+  ansible.builtin.command: /usr/sbin/nft -f /etc/nftables.d/vault.nft
+  when: nft_rules.changed