Ben Vincent
8c24c6582f
- add params for version and package name - add param to cleanup openbao - add version lock (if not latest) Reviewed-on: #446
31 lines
1.0 KiB
YAML
31 lines
1.0 KiB
YAML
---
|
|
profiles::vault::server::members_role: roles::infra::storage::vault
|
|
profiles::vault::server::members_lookup: true
|
|
profiles::vault::server::data_dir: /data/vault
|
|
profiles::vault::server::plugin_dir: /opt/openbao-plugins
|
|
profiles::vault::server::manage_storage_dir: true
|
|
profiles::vault::server::tls_disable: false
|
|
profiles::vault::server::package_name: openbao
|
|
profiles::vault::server::package_ensure: 2.4.4
|
|
profiles::vault::server::disable_openbao: false
|
|
|
|
# additional altnames
|
|
profiles::pki::vault::alt_names:
|
|
- vault.main.unkin.net
|
|
- vault.service.consul
|
|
- vault.service.consul
|
|
- vault
|
|
|
|
# manage a simple nginx reverse proxy
|
|
profiles::nginx::simpleproxy::nginx_vhost: 'vault.service.consul'
|
|
profiles::nginx::simpleproxy::nginx_aliases:
|
|
- vault.main.unkin.net
|
|
- vault
|
|
profiles::nginx::simpleproxy::proxy_scheme: 'http'
|
|
profiles::nginx::simpleproxy::proxy_host: '127.0.0.1'
|
|
profiles::nginx::simpleproxy::proxy_port: 8200
|
|
profiles::nginx::simpleproxy::proxy_path: '/'
|
|
|
|
profiles::packages::include:
|
|
openbao-plugins: {}
|