diff --git a/README.md b/README.md index ce555050..d1ba8cab 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This Ansible role performs a basic [Vault](https://vaultproject.io/) installation, including filesystem structure and example configuration. It can also bootstrap a minimal development or evaluation server or HA -Consul-backed cluster in a Vagrant and VirtualBox based environment. See +Consul-backed cluster in a Vagrant based environment. See [README_VAGRANT.md](https://github.com/ansible-community/ansible-vault/blob/master/examples/README_VAGRANT.md) and the associated [Vagrantfile](https://github.com/ansible-community/ansible-vault/blob/master/examples/Vagrantfile) for more details about the developer mode setup. ## Installation @@ -1211,12 +1211,12 @@ ansible-playbook -i hosts site.yml --extra-vars "vault_backend_file=backend_file You need to make sure that the template file `backend_file.j2` is in the role directory for this to work. -### Vagrant and VirtualBox +### Vagrant See `examples/README_VAGRANT.md` for details on quick Vagrant deployments -under VirtualBox for testing, etc. +for testing, etc. -## example virtualBox playbook +## example playbook example playbook for a file based vault instance. ``` diff --git a/examples/README_VAGRANT.md b/examples/README_VAGRANT.md index e7386428..2c9a6495 100644 --- a/examples/README_VAGRANT.md +++ b/examples/README_VAGRANT.md 
@@ -2,7 +2,7 @@ This project provides documentation and a collection of scripts to help you automate deployment of [HashiCorp Vault](https://www.vaultproject.io/) using [Ansible](http://www.ansibleworks.com/) -These are the instructions for deploying a development or evaluation cluster on Vagrant and VirtualBox. +These are the instructions for deploying a development or evaluation cluster on Vagrant. The documentation and scripts are merely a starting point designed to both help familiarize you with the processes and quickly bootstrap an environment for development or evaluation. You may wish to expand on them and customize them with additional features specific to your needs later. @@ -11,7 +11,7 @@ The documentation and scripts are merely a starting point designed to both help In some situations deploying a small cluster on your local development machine can be handy. This document describes such a scenario using the following technologies: * [Vault](https://vault.io) -* [VirtualBox](https://www.virtualbox.org/) +* [VirtualBox](https://www.virtualbox.org/) or [Vagrant-libvirt](https://vagrant-libvirt.github.io/vagrant-libvirt) * [Vagrant](http://www.vagrantup.com/) with Ansible provisioner and supporting plugin * [Ansible](http://www.ansibleworks.com/) 
@@ -31,34 +31,23 @@ This role is designed to be installed via the `ansible-galaxy` command instead o You should install it like this: ``` -$ ansible-galaxy install brianshumate.vault +$ ansible-galaxy role install -r roles/requirements.yml -p roles ``` -You'll want to make sure you have write access to `/etc/ansible/roles/` since -that is where the role will be installed by default, or define your own -Ansible role path by creating a `$HOME/.ansible.cfg` file with these contents: - -``` -[defaults] -roles_path = PATH_TO_ROLES -``` - -Change `PATH_TO_ROLES` to a directory that you have write access to. - ## Quick Start Begin from the top level directory of this project and use the following steps to get up and running: 1. Install the following prerequisites: - - [VirtualBox](https://www.virtualbox.org/wiki/Downloads) + - [VirtualBox](https://www.virtualbox.org/wiki/Downloads) or [Vagrant-libvirt](https://vagrant-libvirt.github.io/vagrant-libvirt/#installation) - [Vagrant](http://downloads.vagrantup.com/) - [vagrant-hosts plugin](https://docs.ansible.com/ansible/latest/installation_guide/index.html). 2. Edit `/etc/hosts` or use the included `bin/preinstall` script to add the following entries to your development system's `/etc/hosts` file: - `10.1.42.240 vault1.local vault1` -3. `cd $PATH_TO_ROLES/brianshumate.conusul/examples` -4. `vagrant up` +4. `export VAGRANT_DEFAULT_PROVIDER=libvirt` to use libvirt instead of VirtualBox +5. `vagrant up` 6. You can use Vault directly from the host system with the `VAULT_ADDR` environment as shown in this example: ``` VAULT_ADDR=http://10.1.42.240:8200 vault operator init 
@@ -69,7 +58,7 @@ You can also `vagrant ssh` into the VM and export `VAULT_ADDR=http://localhost:8 > NOTE: By default, this project will install a Debian based Vault server. If you prefer, it can also install a server based on a different Vagrant box by changing the command in step 4 to include the `BOX_NAME` environment variable specifying a different Vagrant box name as the value such as in the following example: ``` -BOX_NAME="centos/8" vagrant up +BOX_NAME="debian/bullseye64" vagrant up ``` ## Vault Enterprise @@ -80,18 +69,7 @@ Place the Vault Enterprise zip archive into `{{ role_path }}/files` and set `vau ## Notes -1. This project functions with the following software versions: - * Vault version 1.4.0 - * Ansible: 2.8.4 - * VirtualBox version 6.0.10 - * Vagrant version 2.2.5 - * Vagrant Hosts version 2.8.3 -2. This project uses Debian 10 (buster) by default, but you can choose another - OS distribution with the **BOX_NAME** environment variable -3. The `bin/preinstall` shell script performs the following actions for you: - - Adds each server's host information to the host machine's `/etc/hosts` - - Optionally installs the Vagrant hosts plugin -4. If you notice an error like *vm: The '' provisioner could not be found.* make sure that you have the vagrant-hosts plugin installed +If you notice an error like *vm: The '' provisioner could not be found.* make sure that you have the vagrant-hosts plugin installed ## Resources @@ -104,3 +82,4 @@ Place the Vault Enterprise zip archive into `{{ role_path }}/files` and set `vau 7. http://www.vagrantup.com/ 8. https://www.virtualbox.org/ 9. https://github.com/adrienthebo/vagrant-hosts +10. https://vagrant-libvirt.github.io/vagrant-libvirt \ No newline at end of file diff --git a/examples/Vagrantfile b/examples/Vagrantfile index b27a4fde..28b81c35 100644 --- a/examples/Vagrantfile +++ b/examples/Vagrantfile 
@@ -6,7 +6,7 @@ ANSIBLE_PLAYBOOK = ENV['ANSIBLE_PLAYBOOK'] || "site.yml" BOX_MEM = ENV['BOX_MEM'] || "2048" -BOX_NAME = ENV['BOX_NAME'] || "debian/buster64" +BOX_NAME = ENV['BOX_NAME'] || "debian/bookworm64" VAULT_HOSTS = ENV['VAULT_HOSTS'] || "vagrant_hosts" LOGLEVEL = ENV['VAULT_LOGLEVEL'] || "info" VAGRANTFILE_API_VERSION = "2" @@ -29,6 +29,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] end + vault_config.vm.synced_folder '.', '/vagrant', disabled: true vault_config.vm.provision :ansible do |ansible| ansible.inventory_path = VAULT_HOSTS # Extra Ansible variables can be defined here diff --git a/examples/roles/requirements.yml b/examples/roles/requirements.yml new file mode 100644 index 00000000..3f3d48fe --- /dev/null +++ b/examples/roles/requirements.yml @@ -0,0 +1,4 @@ +- src: https://github.com/ansible-community/ansible-vault.git + name: ansible-community.ansible-vault + scm: git + version: master diff --git a/examples/site.yml b/examples/site.yml index 70734b31..5c964722 100644 --- a/examples/site.yml +++ b/examples/site.yml @@ -7,4 +7,4 @@ become: true become_user: root roles: - - {role: brianshumate.vault, vault_backend: file} + - {role: ansible-community.ansible-vault, vault_backend: file}
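Review bot: in the README.md hunk at `@@ -1211,12 +1211,12 @@`, the renamed heading `## example playbook` is still lower-case and is now immediately followed by a sentence that repeats it ("example playbook for a file based vault instance."). Since the line is being touched anyway, consider `## Example playbook` and dropping the duplicate words from the sentence below it. The heading is also level 2 while the preceding `### Vagrant` is level 3, so it is worth checking that the nesting is what you intend.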
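Review bot: in the examples/README_VAGRANT.md hunk at `@@ -31,34 +31,23 @@`, the Quick Start list now runs 1, 2, 4, 5, 6 because the old step 3 (`cd ...`) was removed without renumbering. The removal also leaves the working directory undefined: the text says to begin from the top level directory, but `ansible-galaxy role install -r roles/requirements.yml -p roles` and `vagrant up` both rely on paths under `examples/`. Suggest restoring a step 3 such as `cd examples`, moving the `ansible-galaxy` command after it (or stating that it is run from `examples/`), and renumbering the rest. The vagrant-hosts plugin link in step 1 points at the Ansible installation guide, which could be corrected in the same pass.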
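Review bot: in the examples/README_VAGRANT.md hunk at `@@ -69,7 +58,7 @@`, the NOTE above the changed line still tells the reader to change "the command in step 4", but after this patch step 4 is `export VAGRANT_DEFAULT_PROVIDER=libvirt` and `vagrant up` is step 5. The new example `BOX_NAME="debian/bullseye64"` also no longer shows a different distribution: the Vagrantfile default in this patch becomes `debian/bookworm64`, so the example reads as selecting an older Debian release. Suggest updating the step reference and either using a non-Debian box in the example or rewording the NOTE to say "a different box or release".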
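Review bot: in the examples/README_VAGRANT.md hunk at `@@ -80,18 +69,7 @@`, the removed Notes item 3 was the only description of what `bin/preinstall` does, while Quick Start step 2 still tells the reader to run it. A script that edits the host's `/etc/hosts` and optionally installs a Vagrant plugin should stay documented so users know what it changes before running it; suggest keeping that item. The removed version list is not replaced by anything, so the README no longer states which Vault, Ansible and Vagrant versions the example was tested with; a short updated list or a pointer to where that is tracked would help.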
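Review bot: in the examples/Vagrantfile hunk at `@@ -29,6 +29,7 @@`, the provider settings visible in the context are `v.customize ["modifyvm", ...]` calls, which are VirtualBox commands, and the patch adds no libvirt counterpart even though the README now documents `VAGRANT_DEFAULT_PROVIDER=libvirt`. If `BOX_MEM` is applied only inside that VirtualBox block, it will not take effect under libvirt. Suggest adding a libvirt provider block that sets memory from `BOX_MEM`, or noting in the README that the variable applies to VirtualBox only. A one-line comment on the new `synced_folder ... disabled: true` line explaining why the share is turned off would also help future readers.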
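Review bot: in the new examples/roles/requirements.yml, `version: master` makes every `ansible-galaxy role install` fetch whatever is at the tip of the branch at that moment, and examples/site.yml applies the role with `become: true` and `become_user: root`. For a role that installs and configures Vault, that is an unpinned dependency executed as root, and two runs of the same example can provision different code. Suggest pinning `version:` to a release tag or a full commit SHA and bumping it deliberately, with a comment in the file if `master` is kept on purpose for the in-repo example.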