kirby/documentation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add vault role

Browse Source
This commit is contained in:
kirby 2025-05-22 15:05:45 +02:00
parent 3431c8b361
commit 6b8c90605d
1 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
ansible/roles/vault/tasks/main.yml Normal file
View File

@ -0,0 +1,45 @@
---
- name: Remove hold on vault package
ansible.builtin.dpkg_selections:
name: vault
selection: install
tags: upgrade
- name: Pause to let the operator step-down master is needed
ansible.builtin.pause:
prompt: "Run vault operator step-down if needed"
echo: no
when: "'<MasterNodeName>' in inventory_hostname"
tags: upgrade
- name: Stopping vault service
ansible.builtin.systemd_service:
name: vault
state: stopped
tags: upgrade
- name: Upgrading vault package
ansible.builtin.apt:
name: vault
update_cache: true
state: latest
tags: upgrade
- name: Starting vault service
ansible.builtin.systemd_service:
name: vault
state: started
tags: upgrade
- name: Set hold on vault package
ansible.builtin.dpkg_selections:
name: vault
selection: hold
tags: upgrade
- name: Pause to unseal vault
ansible.builtin.pause:
prompt: "Go to vault interface and unseal the node : https://{{ inventory_hostname }}:8200"
echo: no
tags: upgrade