From d89f657c63199c66da3e1fb6bbe27d5742761ebe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorben=20G=C3=BCnther?= <admin@xenrox.net>
Date: Sun, 27 Jun 2021 01:24:20 +0200
Subject: [PATCH] terraform: Create basic configuration for vault

Creates a kv secrets engine.
---
 terraform_vault/secrets.tf  | 5 +++++
 terraform_vault/vault.tf    | 9 +++++++++
 terraform_vault/versions.tf | 8 ++++++++
 3 files changed, 22 insertions(+)
 create mode 100644 terraform_vault/secrets.tf
 create mode 100644 terraform_vault/vault.tf
 create mode 100644 terraform_vault/versions.tf

diff --git a/terraform_vault/secrets.tf b/terraform_vault/secrets.tf
new file mode 100644
index 0000000..c2c8908
--- /dev/null
+++ b/terraform_vault/secrets.tf
@@ -0,0 +1,5 @@
+resource "vault_mount" "kv" {
+  path        = "ansible"
+  type        = "kv-v2"
+  description = "Ansible secrets store"
+}
diff --git a/terraform_vault/vault.tf b/terraform_vault/vault.tf
new file mode 100644
index 0000000..d189f08
--- /dev/null
+++ b/terraform_vault/vault.tf
@@ -0,0 +1,9 @@
+terraform {
+  backend "local" {
+    path = "/home/xenrox/decrypted/terraform/vault.tfstate"
+  }
+}
+
+provider "vault" {
+  address = "https://vault.xenrox.net"
+}
diff --git a/terraform_vault/versions.tf b/terraform_vault/versions.tf
new file mode 100644
index 0000000..f1b217c
--- /dev/null
+++ b/terraform_vault/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    vault = {
+      source = "hashicorp/vault"
+    }
+  }
+  required_version = ">= 0.13"
+}
-- 
2.44.0