-
Notifications
You must be signed in to change notification settings - Fork 0
/
03_encryption.yml
34 lines (32 loc) · 894 Bytes
/
03_encryption.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
---
- name: Generate encryption config file
hosts: localhost
vars_files:
- vars.yml
tasks:
- shell:
cmd: |
ENCRYPTION_KEY=$(head -c 32 /dev/urandom | base64) && \
cat > encryption-config.yaml <<EOF
kind: EncryptionConfig
apiVersion: v1
resources:
- resources:
- secrets
providers:
- aescbc:
keys:
- name: key1
secret: ${ENCRYPTION_KEY}
- identity: {}
EOF
chdir: "{{ local_dir }}"
creates: "{{ local_dir}}/encryption-config.yaml"
- name: Copy encryption config to controllers
hosts: controllers
vars_files:
- vars.yml
tasks:
- copy:
src: "{{ local_dir }}/encryption-config.yaml"
dest: "/home/ipreston/encryption-config.yaml"