wbyc/terraform-certificate-automation
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform-certificate-autom.../ansible/roles/consul_template-legacy/README.md
Patrick de Ruiter 3af1102377
Some checks failed
Code Quality & Security Scan / TFLint (push) Failing after 38s
Details
Code Quality & Security Scan / Tfsec Security Scan (push) Has been skipped
Details
Code Quality & Security Scan / Checkov Security Scan (push) Has been skipped
Details
Code Quality & Security Scan / Terraform Validate (push) Has been skipped
Details
Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped
Details
Add consul_template role files from master branch 
- Added all files from consul_template-legacy and consul_template-org roles
- These roles are now regular directories instead of submodules
2025-11-10 22:01:17 +01:00

50 lines
1.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#consul_template
An Ansible role to install and configure HashiCorps consul-template, securely fetching TLS certificates and private keys\
from HashiCorp Vault using AppRole authentication, rendering them to disk, and reloading services when certificates change.
### Requirements
• consul-template binary downloaded from HashiCorp releases.
• Network connectivity from the target host to the Vault instance (vault_address).
• Appropriate Vault AppRole credentials (vault_approle_role_id, vault_approle_secret_id) provisioned by Terraform or other automation.
### Role Variables
The following variables are required and should be set either through inventory or as role parameters:
| Variable | Description | Default |
| vault_address | URL of your HashiCorp Vault instance | None (required) |
| vault_approle_role_id | Vault AppRole Role ID for consul-template authentication | None (required) |
| vault_approle_secret_id | Vault AppRole Secret ID for consul-template authentication | None (required) |
| environment | Environment identifier (e.g., prod, nonprod) | None (required) |
| short_hostname | Short hostname of the target server (used in file naming) | None (required) |
### Dependencies
No direct Ansible Galaxy role dependencies. However, it relies on Terraform to provision AppRole credentials and Vault secrets.
### Example Playbook
Example playbook demonstrating basic role usage:
```yml
- hosts: webservers
become: true
roles:
- role: consul_template
vars:
vault_address: "https://vault.example.com:8200"
vault_approle_role_id: "{{ vault_approle_role_id }}"
vault_approle_secret_id: "{{ vault_approle_secret_id }}"
environment: "prod"
short_hostname: "web01"
```
### License
BSD
### Author Information
Created by Patrick De Ruiter.
Reference in New Issue View Git Blame Copy Permalink