diff --git a/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml b/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
index 195f23add..8e6d966e5 100644
--- a/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
+++ b/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
@@ -36,15 +36,16 @@
 ansible.builtin.import_role:
 name: stackhpc.hashicorp.openbao
 vars:
- openbao_config_dir: "/opt/kayobe/vault"
+ openbao_api_addr: "http://127.0.0.1:8200"
+ openbao_config_dir: "/opt/kayobe/openbao"
 openbao_cluster_name: "kayobe-automation"
 copy_self_signed_ca: false
 openbao_write_keys_file: true
- openbao_write_keys_file_path: "{{ kayobe_env_config_path }}/vault/kayobe-automation-keys.json"
+ openbao_write_keys_file_path: "{{ kayobe_env_config_path }}/openbao/kayobe-automation-keys.json"
 - name: Include OpenBao keys
 ansible.builtin.include_vars:
- file: "{{ kayobe_env_config_path }}/vault/kayobe-automation-keys.json"
+ file: "{{ kayobe_env_config_path }}/openbao/kayobe-automation-keys.json"
 name: openbao_keys
 tags: always
@@ -52,7 +53,7 @@
 ansible.builtin.import_role:
 name: stackhpc.hashicorp.vault_unseal
 vars:
- vault_api_addr: "{{ openbao_api_addr }}"
+ vault_api_addr: "http://{{ openbao_api_addr }}"
 vault_unseal_token: "{{ openbao_keys.root_token }}"
 vault_unseal_keys: "{{ openbao_keys.keys_base64 }}"
 vault_unseal_verify: false
@@ -63,12 +64,12 @@
 ansible.legacy.hashivault_secret_engine:
 name: kayobe-automation
 backend: kv
- url: "{{ openbao_api_addr }}"
+ url: "http://{{ openbao_api_addr }}"
 token: "{{ openbao_keys.root_token }}"
 - name: Ensure secret store is present
 community.hashi_vault.vault_write:
- url: "{{ openbao_api_addr }}"
+ url: "http://{{ openbao_api_addr }}"
 token: "{{ openbao_keys.root_token }}"
 path: kayobe-automation/{{ kayobe_environment }}
 data:
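Review bot: The keys file written by `openbao_write_keys_file: true` moves from `vault/` to `openbao/` under `kayobe_env_config_path`, and the hunk shows nothing that protects the new location. Later tasks read `openbao_keys.root_token` and `openbao_keys.keys_base64` from that file, so it holds the root token and unseal keys. Any ignore rule or encryption step that covered `vault/kayobe-automation-keys.json` has to follow the rename, otherwise the new file could be committed in clear text. An existing environment whose keys file is still under `vault/` will presumably fail at the `include_vars` task until the file is moved. A comment above `openbao_write_keys_file_path` such as `# Holds unseal keys and root token: encrypt or exclude from version control` would make the expectation explicit.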
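Review bot: `vault_api_addr: "http://{{ openbao_api_addr }}"` prepends a scheme, while the first hunk sets `openbao_api_addr: "http://127.0.0.1:8200"` in the role's `vars` with the scheme already included. If the value this task resolves carries a scheme as well, the result is `http://http://...`; where that other definition lives is not visible here. The same prefix is added to both `url:` lines in the third hunk. Hard-coding `http://` also pins the requests that carry `openbao_keys.root_token` and the unseal keys to clear text, which is only tolerable while the address is loopback. Keep the scheme in one place: either define the full URL once at play level and reference it unchanged as `"{{ openbao_api_addr }}"`, or drop the scheme from the role var.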