wireguard: bump role and add Consul ACL token

Part of effort to lock down Consul ACLs: https://github.com/status-im/infra-hq/issues/70 Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-02-08 19:45:04 +01:00 · 2022-02-08 19:45:04 +01:00 · 986b7b8602
parent 0b30814033
commit 986b7b8602
3 changed files with 7 additions and 3 deletions
--- a/ansible/bootstrap.yml
+++ b/ansible/bootstrap.yml
@ -22,10 +22,12 @@
 - name: Bootstrap Python support for Ansible
  gather_facts: False
  hosts: all
+  serial: '{{ serial|default(1) }}'
  roles:
    - infra-role-bootstrap-linux/raw

 - name: Bootstrap admin users and Consul
  hosts: all
+  serial: '{{ serial|default(1) }}'
  roles:
    - infra-role-bootstrap-linux
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -1,6 +1,8 @@
 ---
 # Root password
 bootstrap__root_pass: '{{lookup("bitwarden", "root-pass")}}'
-# Consul encryption key and ACL token
+# Consul
 bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul", field="encryption-key")}}'
 bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul", field="agent-acl-token")}}'
+# Wireguard
+wireguard_consul_acl_token: '{{lookup("bitwarden", "consul", field="wireguard-acl-token")}}'
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -6,12 +6,12 @@

 - name: infra-role-bootstrap-linux
  src: git@github.com:status-im/infra-role-bootstrap-linux.git
-  version: 3b61bca714677e6a2a44a7500659b16b78977181
+  version: 7d2646cad4046e20b02628f4efc1e2b87deef773
  scm: git

 - name: infra-role-wireguard
  src: git@github.com:status-im/infra-role-wireguard.git
-  version: 345c9dd85ff8e57bce7e492dc05d685aee1f076c
+  version: 2aa2627c9f01d5c08f43237a09dd3a7635592205
  scm: git

 - name: consul-service