epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-09 03:37:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Introducing credentials_dir in order to be able to override it

Browse Source
This commit is contained in:
Erwan Miran
2018-09-03 18:04:50 +02:00
parent f0af7262b1
commit a644b7c267
7 changed files with 18 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/vault/defaults/main.yml
View File

@@ -122,7 +122,7 @@ vault_pki_mounts:
roles:
- name: userpass
group: userpass
password: "{{ lookup('password', inventory_dir + '/credentials/vault/userpass.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/userpass.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -136,7 +136,7 @@ vault_pki_mounts:
roles:
- name: vault
group: vault
password: "{{ lookup('password', inventory_dir + '/credentials/vault/vault.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/vault.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -149,7 +149,7 @@ vault_pki_mounts:
roles:
- name: etcd
group: etcd
password: "{{ lookup('password', inventory_dir + '/credentials/vault/etcd.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/etcd.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -164,7 +164,7 @@ vault_pki_mounts:
roles:
- name: kube-master
group: kube-master
password: "{{ lookup('password', inventory_dir + '/credentials/vault/kube-master.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/kube-master.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -172,7 +172,7 @@ vault_pki_mounts:
organization: "system:masters"
- name: front-proxy-client
group: kube-master
password: "{{ lookup('password', inventory_dir + '/credentials/vault/kube-proxy.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/kube-proxy.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -180,7 +180,7 @@ vault_pki_mounts:
organization: "system:front-proxy-client"
- name: kube-node
group: k8s-cluster
password: "{{ lookup('password', inventory_dir + '/credentials/vault/kube-node.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/kube-node.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true
@@ -188,7 +188,7 @@ vault_pki_mounts:
organization: "system:nodes"
- name: kube-proxy
group: k8s-cluster
password: "{{ lookup('password', inventory_dir + '/credentials/vault/kube-proxy.creds length=15') }}"
password: "{{ lookup('password', credentials_dir + '/vault/kube-proxy.creds length=15') }}"
policy_rules: default
role_options:
allow_any_name: true