generated from Skatteetaten/vagrant-hashistack-template
-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy path00_generate_secrets_vault.yml
26 lines (22 loc) · 1.27 KB
/
00_generate_secrets_vault.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
- name: Generate random strings to use for or trino cluster communication
set_fact:
cluster_shared_secret: "{{ lookup('password', '/dev/null chars=ascii_lowercase,digits length=12') }}"
minio_access_key: "{{ lookup('password', '/dev/null chars=ascii_lowercase,digits length=12') }}"
minio_secret_key: "{{ lookup('password', '/dev/null chars=ascii_lowercase,digits length=12') }}"
pg_username: "{{ lookup('password', '/dev/null chars=ascii_lowercase,digits length=12') }}"
pg_password: "{{ lookup('password', '/dev/null chars=ascii_lowercase,digits length=12') }}"
- name: Put credentials for minio in vault k/v
shell: vault kv put secret/dev/minio access_key="{{ minio_access_key }}" secret_key="{{ minio_secret_key }}"
run_once: true
environment:
VAULT_TOKEN: "{{ lookup('env', 'vault_master_token') }}"
- name: Generate Secrets with Vault
shell: vault kv put secret/dev/trino cluster_shared_secret="{{ cluster_shared_secret }}"
run_once: true
environment:
VAULT_TOKEN: "{{ lookup('env', 'vault_master_token') }}"
- name: Put credentials for postgres in vault k/v
shell: vault kv put secret/dev/postgres username="{{ pg_username }}" password="{{ pg_password }}"
run_once: true
environment:
VAULT_TOKEN: "{{ lookup('env', 'vault_master_token') }}"