dubzland.vault.vault_server role – Configures the HashiCorp Vault systemd server.

Note

This role is part of the dubzland.vault collection (version 1.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install dubzland.vault.

To use it in a playbook, specify: dubzland.vault.vault_server.

Entry point main – Configures the HashiCorp Vault systemd server.

Synopsis

  • Creates a system user and group for running the vault service.

  • Adds a systemd unit for managing the vault service.

  • Creates a minimal vault configuration.

Parameters

Parameter

Comments

vault_server_enable_ui

boolean

Controls the status of the Vault Web UI.

Choices:

  • false

  • true ← (default)

vault_server_listen_address

string

IP address the Vault server should bind to.

Default: "0.0.0.0"

vault_server_listen_port

integer

Port number the Vault server should listen on.

Default: 8200

vault_server_storage

string

Type of backend storage used by Vault for data.

Choices:

  • "filesystem" ← (default)

  • "s3"

vault_server_storage_filesystem_path

path

Filesystem path used by Vault when vault_server_storage is filesystem.

Default: "/srv/vault/data"

vault_server_storage_s3_access_key

string

S3 Access key.

vault_server_storage_s3_bucket

string

S3 bucket used for storage.

vault_server_storage_s3_endpoint

string

Endpoint used for private S3-type installations.

vault_server_storage_s3_path_style

string

Many private S3 installations (Minio, Swift, etc.) use path style.

vault_server_storage_s3_region

string

Region the S3 bucket exists in.

vault_server_storage_s3_secret_key

string

S3 Secret key.
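
The playbook below is an added example, not part of the dubzland.vault documentation. It overrides the two permissive defaults listed above (listen address "0.0.0.0" and Web UI enabled) and passes the S3 keys in from an encrypted vars file instead of plain text. The inventory group, IP address, bucket name, region, vars file path and the s3_access_key / s3_secret_key variable names are assumptions made for illustration.

```yaml
---
# Added example, not from the role's own documentation.
# Assumed for illustration: the "vault_servers" inventory group, the address
# 10.0.10.5, the bucket and region values, and vars/s3_credentials.yml
# (encrypted with ansible-vault, defining s3_access_key and s3_secret_key).
- name: Deploy Vault with a restricted listener and S3 storage
  hosts: vault_servers
  become: true  # the role creates a system user, group and systemd unit

  vars_files:
    - vars/s3_credentials.yml  # ansible-vault encrypted; keeps keys out of the repo in clear text

  vars:
    # Role default is "0.0.0.0" (all interfaces); bind to one internal address.
    vault_server_listen_address: "10.0.10.5"
    vault_server_listen_port: 8200
    # Role default is true; disable the Web UI when only the API/CLI is used.
    vault_server_enable_ui: false
    vault_server_storage: "s3"
    vault_server_storage_s3_bucket: "example-vault-storage"
    vault_server_storage_s3_region: "us-east-1"
    vault_server_storage_s3_access_key: "{{ s3_access_key }}"
    vault_server_storage_s3_secret_key: "{{ s3_secret_key }}"

  pre_tasks:
    # Fail before the role runs if the listener is a wildcard address or the
    # S3 backend is selected without credentials from the encrypted file.
    - name: Check listener and storage settings
      ansible.builtin.assert:
        that:
          - vault_server_listen_address not in ['0.0.0.0', '::']
          - vault_server_storage != 's3' or (s3_access_key | default('') | length > 0)
          - vault_server_storage != 's3' or (s3_secret_key | default('') | length > 0)
        fail_msg: "Set an explicit listen address and supply S3 keys from the encrypted vars file."

  roles:
    - role: dubzland.vault.vault_server
```

Run it with ansible-playbook and --ask-vault-pass (or --vault-password-file) so the encrypted vars file can be decrypted at run time.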