---
# tasks file for secrets role
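# Stop the play before anything is written when secrets_dest is unusable.
# A null value (a bare `secrets_dest:` in vars) is neither undefined nor
# equal to "", so it is rejected explicitly: the tasks below build the
# directory path and every file destination from this variable.
- name: "Validate secrets_dest parameter"
  ansible.builtin.fail:
    msg: "secrets_dest is required but not defined"
  when: >-
    secrets_dest is not defined
    or secrets_dest is none
    or secrets_dest == ""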
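# Stop the play when secrets_user is unusable. The variable is passed as
# `owner` for the secrets directory and for every secret file, so a null
# value (a bare `secrets_user:` in vars) is rejected along with undefined
# and empty-string values.
- name: "Validate secrets_user parameter"
  ansible.builtin.fail:
    msg: "secrets_user is required but not defined"
  when: >-
    secrets_user is not defined
    or secrets_user is none
    or secrets_user == ""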
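# Stop the play when secrets_group is unusable. The variable is passed as
# `group` for the secrets directory and for every secret file, so a null
# value (a bare `secrets_group:` in vars) is rejected along with undefined
# and empty-string values.
- name: "Validate secrets_group parameter"
  ansible.builtin.fail:
    msg: "secrets_group is required but not defined"
  when: >-
    secrets_group is not defined
    or secrets_group is none
    or secrets_group == ""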
# Ensure the directory that will hold the secrets exists, owned by
# secrets_user:secrets_group with the permissions in secrets_dir_mode.
# NOTE(review): secrets_dir_mode is not validated in this file; presumably
# it is set in the role defaults - confirm it grants nothing to "other".
- name: 'Create secrets destination directory'
  ansible.builtin.file:
    state: directory
    path: "{{ secrets_dest }}"
    mode: "{{ secrets_dir_mode }}"
    owner: "{{ secrets_user }}"
    group: "{{ secrets_group }}"
# Write each variable named in secrets_vars to its own file under
# secrets_dest: the file name is the variable name and the content is the
# variable's value, resolved through the `vars` lookup.
# no_log keeps the secret values out of task output and logs.
- name: 'Save variables as secret files'
  no_log: true
  when: secrets_vars | length > 0
  loop: "{{ secrets_vars }}"
  ansible.builtin.copy:
    dest: "{{ secrets_dest }}/{{ item }}"
    content: "{{ lookup('vars', item) }}"
    mode: "{{ secrets_file_mode }}"
    owner: "{{ secrets_user }}"
    group: "{{ secrets_group }}"
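# Copy each file listed in secrets_files into secrets_dest with the role's
# owner, group and file mode.
# dest keeps only the base name of each entry, so two entries with the
# same file name overwrite one another.
# no_log matches the "Save variables as secret files" task: without it, a
# run with --diff can print the content of changed text files.
- name: "Copy secret files"
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "{{ secrets_dest }}/{{ item | basename }}"
    owner: "{{ secrets_user }}"
    group: "{{ secrets_group }}"
    mode: "{{ secrets_file_mode }}"
  loop: "{{ secrets_files }}"
  when: secrets_files | length > 0
  no_log: true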