adding vault

Author: Bryan Kendall

ansible/group_vars/alpha-vault.yml

@@ -0,0 +1,17 @@
+name: vault
+
+container_image: runnable/vault
+container_tag: v0.3.1
+
+container_run_opts: >
+  -d
+  -h {{ inventory_hostname }}
+  -v /opt/runnable/vault/vault.hcl:/vault.hcl:ro
+  -p {{ ansible_default_ipv4.address }}:8200:8200
+  --cap-add IPC_LOCK
+  --restart=always
+
+container_run_args: >
+  server
+  -log-level=warn
+  -config=/vault.hcl

ansible/roles/vault/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: make vault folder
+  sudo: yes
+  file:
+    state=directory
+    name=/opt/runnable/vault
+
+- name: copy vault config
+  sudo: yes
+  template:
+    src=vault.hcl
+    dest=/opt/runnable/vault/vault.hcl
+  register: copied_config
+  tags: genDockerConfig

ansible/roles/vault/templates/vault.hcl

@@ -0,0 +1,10 @@
+backend "consul" {
+  address = "{{ ansible_default_ipv4.address }}:8500"
+  path = "vault"
+  advertise_addr = "http://{{ ansible_default_ipv4.address }}:8200"
+}
+
+listener "tcp" {
+ address = "0.0.0.0:8200"
+ tls_disable = 1
+}

ansible/vault.yml

@@ -0,0 +1,8 @@
+---
+- hosts: vault
+  vars_files:
+    - group_vars/alpha-vault.yml
+  roles:
+  - { role: notify, tags: notify }
+  - { role: vault }
+  - { role: container_start, tags: deploy }