no-secrets-athq-ansible/roles/vault-pki/tasks/main.yaml

- name: Copy Hashicorp APT-key
  copy:
    src: hashicorp-archive-keyring.gpg
    dest: /usr/share/keyrings/
    mode: 0644
  notify:
    - apt update

- name: Add hashicorp apt repo
  copy:
    src: hashicorp.list
    dest: /etc/apt/sources.list.d/
    mode: 0644
  notify:
    - apt update

- meta: flush_handlers

- name: Install vault
  apt:
    name: vault
    state: present

- name: Template config
  template:
    src: "{{ item }}"
    dest: "/etc/vault.d/"
  with_items:
    - vault.hcl
    - vault.env