vault: add approles for pn01/pn02, fix provision playbook
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Add pn01 and pn02 to hosts-generated.tf for Vault AppRole access.

Fix provision-approle.yml: the localhost play was skipped when using -l filter, since localhost didn't match the target. Merged into a single play using delegate_to: localhost for the bao commands.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -53,6 +53,16 @@ locals {
|
||||
]
|
||||
extra_policies = ["prometheus-metrics"]
|
||||
}
|
||||
"pn01" = {
|
||||
paths = [
|
||||
"secret/data/hosts/pn01/*",
|
||||
]
|
||||
}
|
||||
"pn02" = {
|
||||
paths = [
|
||||
"secret/data/hosts/pn02/*",
|
||||
]
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
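Review bot: the new "pn01" and "pn02" entries set only `paths` and no `extra_policies`, while the entry directly above them sets `extra_policies = ["prometheus-metrics"]`; please confirm these two hosts really need nothing beyond their own `secret/data/hosts/<host>/*` subtree, and say so in the commit message if that is deliberate. Scoping each AppRole to its own host prefix is the right least-privilege shape, but note that the trailing `*` is a prefix match, so it also covers every nested path under `pn01/` and `pn02/`. Since the commit message names the file as hosts-generated.tf, the entries should come from whatever generates that file rather than from a hand edit that the next regeneration would drop. The provision-approle.yml fix described in the message is a separate change and would be easier to review and revert as its own commit.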