+ New vault setup

docker-host/setup/tasks/vault.yml

@@ -0,0 +1,43 @@
+---
+- hosts: leftcoastlab
+  become: yes
+  tasks:
+    - name: Pull In Vars
+      include_vars:
+        dir: ../vars
+
+    - name: Create Vault Bind Root
+      file:
+        path: /opt/vault
+        state: directory
+
+    - name: Ensure Vault Bind directories in place
+      file:
+        path: "/opt/vault/{{item}}"
+        state: directory
+      loop:
+        - config
+        - logs
+        - file
+
+    - name: Create Vault Config
+      template:
+        src: ../templates/vault-config.json.j2
+        dest: /opt/vault/config/vault.json
+
+    - name: Start up Vault Service
+      community.docker.docker_container:
+        name: vault
+        image: vault
+        ports:
+          - "{{VAULT_PORT}}:8200"
+        restart_policy: always
+        volumes:
+          - /opt/vault/logs:/vault/logs
+          - /opt/vault/file:/vault/file
+          - /opt/vault/config:/vault/config
+        capabilities:
+          - IPC_LOCK
+        entrypoint:
+          - vault server -config=/vault/config/vault.json
+