c12s-kubespray/roles/vault/tasks/cluster/pki_mount.yml

24 lines
677 B
YAML
Raw Normal View History

2017-01-13 20:31:10 +00:00
---
- name: cluster/pki_mount | Test if default PKI mount exists
uri:
url: "https://localhost:{{ vault_port }}/v1/sys/mounts/pki/tune"
headers: "{{ vault_headers }}"
validate_certs: false
ignore_errors: true
register: vault_pki_mount_check
- name: cluster/pki_mount | Mount default PKI mount if needed
uri:
url: "https://localhost:{{ vault_port }}/v1/sys/mounts/pki"
headers: "{{ vault_headers }}"
method: POST
body_format: json
body:
config:
default_lease_ttl: "{{ vault_default_lease_ttl }}"
max_lease_ttl: "{{ vault_max_lease_ttl }}"
type: pki
status_code: 204
when: vault_pki_mount_check | failed