From a5afaaf4e6d678bcba4b749e72fd2e7ea57b5113 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Tue, 8 Feb 2022 19:38:20 +0100
Subject: [PATCH] wireguard: bump role and add Consul ACL token
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Part of effort to lock down Consul ACLs:
https://github.com/status-im/infra-hq/issues/70

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 ansible/bootstrap.yml      | 2 ++
 ansible/group_vars/all.yml | 6 ++++--
 ansible/requirements.yml   | 4 ++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/ansible/bootstrap.yml b/ansible/bootstrap.yml
index b0bd6d7..066862e 100644
--- a/ansible/bootstrap.yml
+++ b/ansible/bootstrap.yml
@@ -22,10 +22,12 @@
 - name: Bootstrap Python support for Ansible
   gather_facts: False
   hosts: all
+  serial: '{{ serial|default(1) }}'
   roles:
     - infra-role-bootstrap-linux/raw
 
 - name: Bootstrap admin users and Consul
   hosts: all
+  serial: '{{ serial|default(1) }}'
   roles:
     - infra-role-bootstrap-linux
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 7b25f94..5586909 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -1,11 +1,13 @@
 ---
 # Root password
 bootstrap__root_pass: '{{lookup("bitwarden", "root-pass")}}'
-# Consul encryption key and ACL token
+# Consul
 bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul", field="encryption-key")}}'
 bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul", field="agent-acl-token")}}'
+# Wireguard
+wireguard_consul_acl_token: '{{lookup("bitwarden", "consul", field="wireguard-acl-token")}}'
 
-# CloudFlare Origin certificates
+# CloudFlare
 origin_certs:
   - domain: 'status.im'
     crt: '{{lookup("bitwarden", "Cloudflare/status.im", file="origin.crt")}}'
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
index efcb0de..bf54452 100644
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@@ -16,12 +16,12 @@
 
 - name: infra-role-bootstrap-linux
   src: git@github.com:status-im/infra-role-bootstrap-linux.git
-  version: 3b61bca714677e6a2a44a7500659b16b78977181
+  version: 7d2646cad4046e20b02628f4efc1e2b87deef773
   scm: git
 
 - name: infra-role-wireguard
   src: git@github.com:status-im/infra-role-wireguard.git
-  version: 345c9dd85ff8e57bce7e492dc05d685aee1f076c
+  version: 2aa2627c9f01d5c08f43237a09dd3a7635592205
   scm: git
 
 - name: consul-service