From 4fecc79ecb47fc57bd49eddb3d225a7cab061a69 Mon Sep 17 00:00:00 2001 From: Thedro Neely Date: Wed, 29 Jan 2020 17:39:40 -0500 Subject: roles/vault: Update to 1.3.2 --- roles/vault/main.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'roles/vault') diff --git a/roles/vault/main.yml b/roles/vault/main.yml index 87c7326..31649fc 100644 --- a/roles/vault/main.yml +++ b/roles/vault/main.yml @@ -1,14 +1,19 @@ --- -- hosts: vault +# Target: alpine3.10 +- name: Install Vault + hosts: vault vars: username: vault deploy_path: "/opt/{{ username }}" - version: 1.3.0 + version: 1.3.2 + tasks: + - name: Ensuring group exists group: name: "{{ username }}" state: present + - name: Creating user and making home directory user: system: yes @@ -16,6 +21,7 @@ name: "{{ username }}" groups: "{{ username }}" home: "{{ deploy_path }}" + - name: Installing the required dependencies apk: state: present 
@@ -25,58 +31,71 @@ - supervisor - libcap - unzip + - block: + - name: Downloading and extracting application unarchive: src: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip" dest: "{{ deploy_path }}" remote_src: yes + - name: Creating data folder file: path: "{{ deploy_path }}/data" state: directory mode: '0755' + - name: Copying config file copy: src: config.json dest: "{{ deploy_path }}" mode: '0644' register: vaultConfig + become: true become_user: "{{ username }}" + - name: Allowing application to call mlock capabilities: path: "{{ deploy_path }}/vault" capability: cap_ipc_lock=+ep state: present + - name: Copying supervisord config file copy: src: supervisord.conf dest: /etc/supervisord.conf mode: '0644' register: supervisorConfig + - name: Ensuring supervisord has been started and enabled service: name: supervisord state: started enabled: yes + - name: Waiting for supervisor to become active wait_for: port: 9100 + - name: Restarting supervisord due to config change service: name: supervisord state: restarted when: supervisorConfig.changed + - name: Ensuring vault has been started supervisorctl: name: vault state: started + - name: Waiting for application to become active wait_for: port: 8100 + - name: Restarting vault due to config change supervisorctl: name: vault state: restarted - when: vaultConfig.changed \ No newline at end of file + when: vaultConfig.changed -- cgit v1.2.3
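Review bot: The `unarchive` task in the block fetches `vault_{{ version }}_linux_amd64.zip` straight from the release URL with no integrity check, so the bump to 1.3.2 installs whatever that URL serves at run time. `unarchive` has no checksum option for remote sources; downloading first with `get_url` and its `checksum` parameter lets the play fail closed on a mismatch. Pinning the published SHA-256 in `vars` next to `version` also forces every future version bump to update the hash in the same commit. Separately, because the block runs with `become_user`, the binary that later receives `cap_ipc_lock` appears to end up owned and writable by the service account itself; it is worth confirming that this is intended.

```yaml
    - name: Downloading release archive
      get_url:
        url: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip"
        dest: "{{ deploy_path }}/vault_{{ version }}_linux_amd64.zip"
        # vault_zip_sha256 is a placeholder var: set it to the SHA-256 published for this version
        checksum: "sha256:{{ vault_zip_sha256 }}"

    - name: Extracting application
      unarchive:
        src: "{{ deploy_path }}/vault_{{ version }}_linux_amd64.zip"
        dest: "{{ deploy_path }}"
        remote_src: yes
    # … unchanged: data folder, config copy, become/become_user …
```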