Provide ability to configure missing mysql storage options

haegar · haegar · commit f7bc1f463485 · 2026-02-18T21:50:02.000+01:00
As documented in https://developer.hashicorp.com/vault/docs/configuration/storage/mysql plaintext_connection_allowed, ha_enabled and lock_table were missing.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -206,6 +206,9 @@ vault_mysql_tls_ca_file: ""
 vault_mysql_max_parallel: ""
 vault_mysql_max_idle_connections: ""
 vault_mysql_max_connection_lifetime: ""
+vault_mysql_plaintext_connection_allowed: ""
+vault_mysql_ha_enabled: false
+vault_mysql_lock_table: ""
 
 # gcs storage settings
 vault_gcs_bucket: ""
diff --git a/templates/vault_backend_mysql.j2 b/templates/vault_backend_mysql.j2
@@ -22,4 +22,13 @@ storage "mysql" {
   {% if vault_mysql_max_connection_lifetime is defined and vault_mysql_max_connection_lifetime|length -%}
   max_connection_lifetime = "{{ vault_mysql_max_connection_lifetime }}"
   {% endif -%}
+  {% if vault_mysql_plaintext_connection_allowed is defined and vault_mysql_plaintext_connection_allowed|length -%}
+  plaintext_connection_allowed = "{{ vault_mysql_plaintext_connection_allowed }}"
+  {% endif -%}
+  {% if vault_mysql_ha_enabled is defined and vault_mysql_ha_enabled|bool -%}
+  ha_enabled = "{{ vault_mysql_ha_enabled | bool | lower }}"
+  {% endif -%}
+  {% if vault_mysql_lock_table is defined and vault_mysql_lock_table|length -%}
+  lock_table = "{{ vault_mysql_lock_table }}"
+  {% endif -%}
 }
