~xenrox/ansible

ref: 9f30a90364ac268c963259eb8289efcbf6dee1a3 ansible/terraform_vault/secrets.tf -rw-r--r-- 1.0 KiB
9f30a903Thorben Günther wireguard(_*): Read keys from vault 2 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
resource "vault_generic_secret" "ansible_secrets" {
  for_each = fileset("/home/xenrox/decrypted/vault", "*.json")

  path      = trimsuffix("ansible/${each.key}", ".json")
  data_json = file("/home/xenrox/decrypted/vault/${each.key}")
}

# keycloak users

resource "vault_generic_secret" "users" {
  for_each = fileset("/home/xenrox/decrypted/vault/users", "*.json")

  path      = trimsuffix("ansible/users/${each.key}", ".json")
  data_json = file("/home/xenrox/decrypted/vault/users/${each.key}")
}

# wireguard keys

resource "vault_generic_secret" "wireguard" {
  for_each = fileset("/home/xenrox/decrypted/wireguard", "*")

  path = "ansible/wireguard/${each.key}"
  data_json = jsonencode({
    content = file("/home/xenrox/decrypted/wireguard/${each.key}")
  })
}

# wireguard VPN keys
#
resource "vault_generic_secret" "wireguard_vpn" {
  for_each = fileset("/home/xenrox/decrypted/wireguard_vpn", "*")

  path = "ansible/wireguard_vpn/${each.key}"
  data_json = jsonencode({
    content = file("/home/xenrox/decrypted/wireguard_vpn/${each.key}")
  })
}