chore: add readme entry and configration for openbao secrets management

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
Bert-Jan Fikse 2026-03-27 16:46:18 +01:00
parent 2c1c01a2d7
commit bd85fdfe91
Signed by: bert-jan
GPG key ID: C1E0AB516AC16D1A
4 changed files with 23 additions and 1 deletions

1
.gitignore vendored

@ -15,3 +15,4 @@
# Ansible # Ansible
/collections/ansible_collections/ /collections/ansible_collections/
.vagrant/ .vagrant/
bao
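Review bot: The new `bao` pattern is unanchored, so it ignores any file or directory named `bao` at any depth of the repository, not only the CLI binary in the root. Writing it as `/bao` keeps the rule limited to the downloaded binary. That binary is fetched per developer from the `releases/latest` URL shown in the README and is never tracked, so the repository records neither the release in use nor a checksum for it. Naming a specific release and a checksum-verification step next to the download command would make the binary reproducible and verifiable.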


@ -1 +1,17 @@
# reference-ansible # reference-ansible
### Secrets
Secrets are managed using [OpenBao](https://bao.digitalboard.ch).
Download the CLI binary once (not checked in):
```bash
curl -L https://github.com/openbao/openbao/releases/latest/download/bao_linux_amd64 -o ./bao && chmod +x ./bao
```
Authenticate and export token before running playbooks:
```bash
export BAO_ADDR=https://bao.digitalboard.ch
./bao login -method=oidc -path=Digitalboard
export VAULT_TOKEN=$(./bao print token)
```


@ -1,3 +1,7 @@
[defaults] [defaults]
collections_path = ./collections:~/.ansible/collections:/usr/share/ansible/collections collections_path = ./collections:~/.ansible/collections:/usr/share/ansible/collections
remote_user = root remote_user = root
[hashi_vault_collection]
url = https://bao.digitalboard.ch
auth_method = token
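Review bot: The new `[hashi_vault_collection]` section sets `auth_method = token` without saying where the token comes from, and this file is committed. A comment above the section such as `# token is read from the VAULT_TOKEN environment variable (see README); never store a token in this repository` would document the intended flow. Tokens issued through the OIDC login presumably expire, so adding `token_validate = true` in the same section would let a missing or expired token fail with a clear authentication error before the first secret read.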


@ -1,4 +1,5 @@
collections: collections:
- name: community.hashi_vault
- name: https://git.digitalboard.ch/Digitalboard/digitalboard.core.git - name: https://git.digitalboard.ch/Digitalboard/digitalboard.core.git
type: git type: git
version: main version: main