From 328db89ff8c213ae2ad49ab73da544703ffdc6e2 Mon Sep 17 00:00:00 2001
From: Matt Anson <matta@stackhpc.com>
Date: Mon, 15 Sep 2025 17:09:10 +0000
Subject: [PATCH] Fixes for installation of openbao for automation

Some variables needed updating in the move to
openbao from Vault.
---
 .../ansible/deploy-openbao-kayobe-automation.yml    | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml b/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
index 195f23add..8e6d966e5 100644
--- a/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
+++ b/etc/kayobe/ansible/deploy-openbao-kayobe-automation.yml
@@ -36,15 +36,16 @@
       ansible.builtin.import_role:
         name: stackhpc.hashicorp.openbao
       vars:
-        openbao_config_dir: "/opt/kayobe/vault"
+        openbao_api_addr: "http://127.0.0.1:8200"
+        openbao_config_dir: "/opt/kayobe/openbao"
         openbao_cluster_name: "kayobe-automation"
         copy_self_signed_ca: false
         openbao_write_keys_file: true
-        openbao_write_keys_file_path: "{{ kayobe_env_config_path }}/vault/kayobe-automation-keys.json"
+        openbao_write_keys_file_path: "{{ kayobe_env_config_path }}/openbao/kayobe-automation-keys.json"
 
     - name: Include OpenBao keys
       ansible.builtin.include_vars:
-        file: "{{ kayobe_env_config_path }}/vault/kayobe-automation-keys.json"
+        file: "{{ kayobe_env_config_path }}/openbao/kayobe-automation-keys.json"
         name: openbao_keys
       tags: always
 
@@ -52,7 +53,7 @@
       ansible.builtin.import_role:
         name: stackhpc.hashicorp.vault_unseal
       vars:
-        vault_api_addr: "{{ openbao_api_addr }}"
+        vault_api_addr: "http://{{ openbao_api_addr }}"
         vault_unseal_token: "{{ openbao_keys.root_token }}"
         vault_unseal_keys: "{{ openbao_keys.keys_base64 }}"
         vault_unseal_verify: false
@@ -63,12 +64,12 @@
       ansible.legacy.hashivault_secret_engine:
         name: kayobe-automation
         backend: kv
-        url: "{{ openbao_api_addr }}"
+        url: "http://{{ openbao_api_addr }}"
         token: "{{ openbao_keys.root_token }}"
 
     - name: Ensure secret store is present
       community.hashi_vault.vault_write:
-        url: "{{ openbao_api_addr }}"
+        url: "http://{{ openbao_api_addr }}"
         token: "{{ openbao_keys.root_token }}"
         path: kayobe-automation/{{ kayobe_environment }}
         data: