Patrick de Ruiter 3af1102377
Add consul_template role files from master branch
- Added all files from consul_template-legacy and consul_template-org roles
- These roles are now regular directories instead of submodules
2025-11-10 22:01:17 +01:00


# Translate the architecture reported by Ansible facts into the suffix used in
# the release file names. `arch_mapping` is defined outside this file.
# An architecture missing from the mapping falls back to 'amd64' without any
# warning, so an unmapped host gets the amd64 build.
- name: Determine architecture
  set_fact:
    consul_template_arch: "{{ arch_mapping[ansible_architecture] | default('amd64') }}"
# Fetch the SHA256SUMS manifest that is published next to the release archives.
# NOTE(review): the manifest is served by the same host as the archive, so it
# catches a corrupted download but not a tampered release. HashiCorp also
# publishes a detached signature for this file (`..._SHA256SUMS.sig`);
# verifying it against a pinned key would give an independent trust root.
- name: Download consul-template checksum file
  get_url:
    dest: "/tmp/consul-template_{{ consul_template.version }}_SHA256SUMS"
    url: "https://releases.hashicorp.com/consul-template/{{ consul_template.version }}/consul-template_{{ consul_template.version }}_SHA256SUMS"
    mode: '0644'
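# Pull the SHA-256 digest for this version/architecture out of the manifest.
# `grep -F` matches the file name literally (the dots are not wildcards).
# Read-only lookup, hence `changed_when: false`.
- name: Extract expected checksum
  shell: |
    grep -F "consul-template_{{ consul_template.version }}_linux_{{ consul_template_arch }}.zip" \
      /tmp/consul-template_{{ consul_template.version }}_SHA256SUMS | cut -d' ' -f1
  register: expected_checksum
  changed_when: false
  # The pipeline's exit status is that of `cut`, so a manifest with no matching
  # line would otherwise "succeed" with an empty digest. Fail closed unless the
  # result is exactly one 64-character hex string.
  failed_when: expected_checksum.rc != 0 or expected_checksum.stdout is not match('^[0-9a-f]{64}$')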
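# `unarchive` does not accept a `checksum` option, so the digest has to be
# enforced at download time. `get_url` compares the downloaded file against the
# expected SHA-256 and fails the task on a mismatch, before anything is
# unpacked into the install directory.
- name: Download consul-template archive
  get_url:
    url: "https://releases.hashicorp.com/consul-template/{{ consul_template.version }}/consul-template_{{ consul_template.version }}_linux_{{ consul_template_arch }}.zip"
    dest: "/tmp/consul-template_{{ consul_template.version }}_linux_{{ consul_template_arch }}.zip"
    mode: '0644'
    checksum: "sha256:{{ expected_checksum.stdout }}"

# Unpack the verified archive that is already on the managed host
# (`remote_src: true`); the extracted files are owned by root, mode 0755.
- name: Install consul-template
  unarchive:
    src: "/tmp/consul-template_{{ consul_template.version }}_linux_{{ consul_template_arch }}.zip"
    dest: "{{ consul_template.install_dir }}"
    remote_src: true
    owner: root
    group: root
    mode: '0755'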
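# The group must exist before the user task references it as the primary
# group, so it is created first; on a fresh host the user task fails otherwise.
- name: Create consul-template group
  group:
    name: "{{ consul_template.group }}"
    system: true

# Dedicated system account for the service: no login shell (/bin/false) and no
# home directory created; `home` only records the config directory as its home.
- name: Create consul-template user
  user:
    name: "{{ consul_template.user }}"
    group: "{{ consul_template.group }}"
    system: true
    shell: /bin/false
    home: "{{ consul_template.config_dir }}"
    create_home: false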
# Create the config, certificate and private-key directories.
# Entries without an explicit owner/group fall back to root via `default('root')`.
# NOTE(review): the private directory is therefore root:root 0700. If the
# service runs as {{ consul_template.user }} it cannot write rendered keys
# there. Confirm against the systemd unit template.
- name: Create consul-template directories
  file:
    state: directory
    path: "{{ item.path }}"
    owner: "{{ item.owner | default('root') }}"
    group: "{{ item.group | default('root') }}"
    mode: "{{ item.mode }}"
  loop:
    - path: "{{ consul_template.config_dir }}"
      mode: '0755'
      owner: "{{ consul_template.user }}"
      group: "{{ consul_template.group }}"
    - path: "{{ certificate_paths.cert_dir }}"
      mode: '0755'
    - path: "{{ certificate_paths.private_dir }}"
      mode: '0700'
# Copy the three .ctmpl sources into the config directory, owned by the
# service account and world-readable (0644). Any change notifies the restart
# handler.
# NOTE(review): presumably these are templates only, with no key material in
# them. Confirm, since 0644 would expose anything embedded.
- name: Deploy consul-template template files
  copy:
    src: "{{ item }}"
    dest: "{{ consul_template.config_dir }}/{{ item }}"
    owner: "{{ consul_template.user }}"
    group: "{{ consul_template.group }}"
    mode: '0644'
  loop:
    - certificate.ctmpl
    - private_key.ctmpl
    - chain_pem.ctmpl
  notify: restart consul-template
# Render the main configuration to config.hcl. Mode 0600 with the service
# account as owner keeps the file unreadable to every other non-root user.
# A change notifies the restart handler.
- name: Deploy consul-template config
  template:
    src: consul-template-config.hcl.j2
    dest: "{{ consul_template.config_dir }}/config.hcl"
    owner: "{{ consul_template.user }}"
    group: "{{ consul_template.group }}"
    mode: '0600'
  notify: restart consul-template
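# Render the unit file with explicit ownership and mode. Without them the
# result depends on the connection user's umask, and a unit file writable by
# anyone other than root lets that account change what systemd runs.
# A changed unit also notifies the restart handler, so the running service
# picks up the new definition.
- name: Deploy consul-template systemd unit
  template:
    src: consul-template.service.j2
    dest: /etc/systemd/system/consul-template.service
    owner: root
    group: root
    mode: '0644'
  notify: restart consul-template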
# Reload systemd so it sees the unit file, then enable the service at boot and
# make sure it is running.
- name: Enable and start consul-template
  systemd:
    daemon_reload: true
    name: consul-template
    state: started
    enabled: true