30 lines
945 B
YAML
30 lines
945 B
YAML
---
|
|
|
|
## Vault Cluster Setup
|
|
|
|
- include: docker.yml
|
|
when: inventory_hostname in groups.vault and vault_deployment_type == "docker"
|
|
- include: init.yml
|
|
when: inventory_hostname in groups.vault
|
|
- include: unseal.yml
|
|
when: inventory_hostname in groups.vault
|
|
- include: pki_mount.yml
|
|
when: 'inventory_hostname == hostvars[groups.vault|first]["vault_leader"]'
|
|
- include: config_ca.yml
|
|
vars:
|
|
vault_url: "https://{{ vault_leader }}:{{ vault_port }}"
|
|
when: 'inventory_hostname == hostvars[groups.vault|first]["vault_leader"]'
|
|
|
|
## Sync Kubernetes Certs
|
|
|
|
- include: sync_kube_master_certs.yml
|
|
when: inventory_hostname in groups["kube-master"]
|
|
- include: sync_kube_node_certs.yml
|
|
when: inventory_hostname in groups["k8s-cluster"]
|
|
|
|
## Generate Kubernetes Certs
|
|
|
|
- include: gen_kube_master_certs.yml
|
|
when: inventory_hostname in groups["kube-master"]
|
|
- include: gen_kube_node_certs.yml
|
|
when: inventory_hostname in groups["k8s-cluster"]
|