Add tasks to setup gpg agent
This commit is contained in:
parent
1586057a49
commit
7151afa3f9
2
service-provider-setup/.gitignore
vendored
Normal file
2
service-provider-setup/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
dns-vars.yml
|
||||
k8s-vars.yml
|
@ -1,5 +0,0 @@
|
||||
domain: "test.wireitin.com"
|
||||
subdomain_prefix: "dss-ind"
|
||||
subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control"
|
||||
cluster_control_ip: "64.227.134.44"
|
||||
do_api_token: ""
|
3
service-provider-setup/k8s-vars.example.yml
Normal file
3
service-provider-setup/k8s-vars.example.yml
Normal file
@ -0,0 +1,3 @@
|
||||
target_host: ""
|
||||
gpg_key_id: ""
|
||||
vault_passphrase: ""
|
@ -4,8 +4,8 @@
|
||||
- name: Setup k8s
|
||||
hosts: "{{ target_host }}"
|
||||
|
||||
vars:
|
||||
target_host: "localhost"
|
||||
vars_files:
|
||||
- k8s-vars.yml
|
||||
|
||||
tasks:
|
||||
- name: Install Python and pip
|
||||
@ -29,3 +29,30 @@
|
||||
line: 'export PATH="$HOME/.local/bin:$PATH"'
|
||||
state: present
|
||||
create: yes
|
||||
|
||||
- name: Clone the service provider template repo
|
||||
git:
|
||||
repo: "https://git.vdb.to/cerc-io/service-provider-template.git"
|
||||
dest: "{{ ansible_env.HOME }}/service-provider-template"
|
||||
|
||||
- name: Update .vault/vault-keys file
|
||||
lineinfile:
|
||||
path: "service-provider-template/.vault/vault-keys"
|
||||
regexp: '^.*$'
|
||||
line: "{{ gpg_key_id }}"
|
||||
create: yes
|
||||
|
||||
- name: Start GPG agent
|
||||
command: gpg-agent --daemon
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Set VAULT_KEY environment variable
|
||||
shell: export VAULT_KEY='{{ vault_passphrase }}'
|
||||
|
||||
- name: Run vault-rekey.sh
|
||||
expect:
|
||||
command: bash .vault/vault-rekey.sh
|
||||
responses:
|
||||
"Enter passphrase:": "{{ vault_passphrase }}"
|
||||
args:
|
||||
chdir: "service-provider-template"
|
||||
|
Loading…
Reference in New Issue
Block a user