c12s-kubespray/roles/vault/tasks/cluster/main.yml

---

- include: ../shared/check_vault.yml
  when: inventory_hostname in groups.vault

- include: ../shared/check_etcd.yml
  when: inventory_hostname in groups.vault

## Vault Cluster Setup

- include: configure.yml
  when: inventory_hostname in groups.vault

- include: binary.yml
  when: inventory_hostname in groups.vault and vault_deployment_type == "host"

- include: systemd.yml
  when: inventory_hostname in groups.vault

- include: init.yml
  when: inventory_hostname in groups.vault

- include: unseal.yml
  when: inventory_hostname in groups.vault

- include: ../shared/find_leader.yml
  when: inventory_hostname in groups.vault

- include: ../shared/pki_mount.yml 
  when: inventory_hostname == groups.vault|first

- include: ../shared/config_ca.yml
  vars:
    ca_name: ca
    mount_name: pki
  when: inventory_hostname == groups.vault|first

## Vault Policies, Roles, and Auth Backends

- include: role_auth_cert.yml
  when: vault_role_auth_method == "cert"

- include: role_auth_userpass.yml
  when: vault_role_auth_method == "userpass"