wbyc/terraform-certificate-automation
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform-certificate-autom.../ansible/roles/consul_template-legacy/README.md
Patrick de Ruiter dc269e5fc2
Some checks failed
Code Quality & Security Scan / TFLint (push) Failing after 1m11s
Details
Code Quality & Security Scan / Tfsec Security Scan (push) Has been skipped
Details
Code Quality & Security Scan / Checkov Security Scan (push) Has been skipped
Details
Code Quality & Security Scan / Terraform Validate (push) Has been skipped
Details
Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped
Details
Convert consul_template submodules to regular directories 
- Removed gitlink entries for consul_template-legacy and consul_template-org
- Converted from git submodules to regular directories
- Fixes: 'fatal: No url found for submodule path' error when downloading module
- Required for using module with git::https:// source in parent modules
2025-11-10 21:57:00 +01:00

50 lines
1.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#consul_template
An Ansible role to install and configure HashiCorps consul-template, securely fetching TLS certificates and private keys\
from HashiCorp Vault using AppRole authentication, rendering them to disk, and reloading services when certificates change.
### Requirements
• consul-template binary downloaded from HashiCorp releases.
• Network connectivity from the target host to the Vault instance (vault_address).
• Appropriate Vault AppRole credentials (vault_approle_role_id, vault_approle_secret_id) provisioned by Terraform or other automation.
### Role Variables
The following variables are required and should be set either through inventory or as role parameters:
| Variable | Description | Default |
| vault_address | URL of your HashiCorp Vault instance | None (required) |
| vault_approle_role_id | Vault AppRole Role ID for consul-template authentication | None (required) |
| vault_approle_secret_id | Vault AppRole Secret ID for consul-template authentication | None (required) |
| environment | Environment identifier (e.g., prod, nonprod) | None (required) |
| short_hostname | Short hostname of the target server (used in file naming) | None (required) |
### Dependencies
No direct Ansible Galaxy role dependencies. However, it relies on Terraform to provision AppRole credentials and Vault secrets.
### Example Playbook
Example playbook demonstrating basic role usage:
```yml
- hosts: webservers
become: true
roles:
- role: consul_template
vars:
vault_address: "https://vault.example.com:8200"
vault_approle_role_id: "{{ vault_approle_role_id }}"
vault_approle_secret_id: "{{ vault_approle_secret_id }}"
environment: "prod"
short_hostname: "web01"
```
### License
BSD
### Author Information
Created by Patrick De Ruiter.
Reference in New Issue View Git Blame Copy Permalink