feat: add vault service/query altnames

- add nginx aliases for vault services
- add additional vault certificates
- change certmanager script to use vault.service.consul
This commit is contained in:
2024-05-25 14:37:13 +10:00
parent 2c3aa2bbdc
commit b9c327799f
5 changed files with 22 additions and 2 deletions
+1 -1
View File
@@ -30,7 +30,7 @@ profiles::puppet::gems::puppet:
- 'hiera-eyaml'
profiles::helpers::certmanager::vault_config:
addr: 'https://198.18.17.39:8200'
addr: 'https://vault.service.consul:8200'
mount_point: 'pki_int'
approle_path: 'approle'
role_name: 'servers_default'
+2 -1
View File
@@ -10,13 +10,14 @@ vault::download_url: http://repos.main.unkin.net/unkin/8/x86_64/os/Archives/vaul
profiles::pki::vault::alt_names:
- vault.main.unkin.net
- vault.service.consul
- vault.service.consul
- vault
# manage a simple nginx reverse proxy
profiles::nginx::simpleproxy::nginx_vhost: 'vault.service.consul'
profiles::nginx::simpleproxy::nginx_aliases:
- vault
- vault.main.unkin.net
- vault
profiles::nginx::simpleproxy::proxy_scheme: 'http'
profiles::nginx::simpleproxy::proxy_host: '127.0.0.1'
profiles::nginx::simpleproxy::proxy_port: 8200