108 lines
3.8 KiB
Python
108 lines
3.8 KiB
Python
|
# -*- coding: utf-8 -*-
|
||
|
|
||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||
|
"""Implement documentation fragment for Hashivault module."""
|
||
|
|
||
|
from __future__ import (absolute_import, division, print_function)
|
||
|
|
||
|
__metaclass__ = type
|
||
|
|
||
|
|
||
|
class ModuleDocFragment:
|
||
|
# Standard documentation
|
||
|
DOCUMENTATION = r"""
|
||
|
requirements:
|
||
|
- hvac>=0.10.1
|
||
|
- ansible>=2.0.0
|
||
|
- requests
|
||
|
options:
|
||
|
url:
|
||
|
description:
|
||
|
- URL of the Vault server.
|
||
|
- You can use C(VAULT_ADDR) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
ca_cert:
|
||
|
description:
|
||
|
- Path to a PEM-encoded CA cert file to use to verify the Vault server
|
||
|
TLS certificate.
|
||
|
- You can use C(VAULT_CACERT) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
ca_path:
|
||
|
description:
|
||
|
- Path to a directory of PEM-encoded CA cert files to verify the Vault server
|
||
|
TLS certificate. If ca_cert is specified, its value will take precedence.
|
||
|
- You can use C(VAULT_CAPATH) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
client_cert:
|
||
|
description:
|
||
|
- Path to a PEM-encoded client certificate for TLS authentication to the Vault
|
||
|
server.
|
||
|
- You can use C(VAULT_CLIENT_CERT) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
client_key:
|
||
|
description:
|
||
|
- Path to an unencrypted PEM-encoded private key matching the client certificate.
|
||
|
- You can use C(VAULT_CLIENT_KEY) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
verify:
|
||
|
description:
|
||
|
- If set, do not verify presented TLS certificate before communicating with Vault
|
||
|
server. Setting this variable is not recommended except during testing.
|
||
|
- You can use C(VAULT_SKIP_VERIFY) environment variable.
|
||
|
default: false
|
||
|
type: bool
|
||
|
authtype:
|
||
|
description:
|
||
|
- Authentication type.
|
||
|
- You can use C(VAULT_AUTHTYPE) environment variable.
|
||
|
default: "token"
|
||
|
type: str
|
||
|
choices: ["token", "userpass", "github", "ldap", "approle"]
|
||
|
login_mount_point:
|
||
|
description:
|
||
|
- Authentication mount point.
|
||
|
- You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable.
|
||
|
type: str
|
||
|
token:
|
||
|
description:
|
||
|
- Token for vault.
|
||
|
- You can use C(VAULT_TOKEN) environment variable.
|
||
|
type: str
|
||
|
username:
|
||
|
description:
|
||
|
- Username to login to vault.
|
||
|
- You can use C(VAULT_USER) environment variable.
|
||
|
default: ""
|
||
|
type: str
|
||
|
password:
|
||
|
description:
|
||
|
- Password to login to vault.
|
||
|
- You can use C(VAULT_PASSWORD) environment variable.
|
||
|
type: str
|
||
|
role_id:
|
||
|
description:
|
||
|
- Role id for vault.
|
||
|
- You can use C(VAULT_ROLE_ID) environment variable.
|
||
|
type: str
|
||
|
secret_id:
|
||
|
description:
|
||
|
- Secret id for vault.
|
||
|
- You can use C(VAULT_SECRET_ID) environment variable.
|
||
|
type: str
|
||
|
aws_header:
|
||
|
description:
|
||
|
- X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks.
|
||
|
- You can use C(VAULT_AWS_HEADER) environment variable.
|
||
|
type: str
|
||
|
namespace:
|
||
|
description:
|
||
|
- Namespace for vault.
|
||
|
- You can use C(VAULT_NAMESPACE) environment variable.
|
||
|
type: str
|
||
|
"""
|