hashipi

Raspberry Pi Test Cluster for HashiCorp Vault, Nomad and Consul
git clone https://git.in0rdr.ch/hashipi.git
Log | Files | Refs | README

commit 63b12beb033a1c1b53e959558589f30ad1d3faa3
parent 619a2a2ac8ff2b4edd930945bc6b4579fac2b5a8
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Thu, 20 Jul 2023 18:03:14 +0200

fix(nomad): add vault stanza to client

Diffstat:
Mnomad.sh | 18++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/nomad.sh b/nomad.sh @@ -34,6 +34,16 @@ consul { cert_file = "/opt/consul/tls/dc1-server-consul.pem" key_file = "/opt/consul/tls/dc1-server-consul-key.pem" } + +vault { + # https://www.nomadproject.io/docs/configuration/vault + # Nomad servers require a Vault Token set in /etc/nomad.d/nomad.env + # Nomad clients use the use the allocation's Vault token + enabled = true + address = "https://127.0.0.1:8200" + tls_skip_verify = true + create_from_role = "nomad-cluster" +} EOF @@ -67,14 +77,6 @@ server { } } } - -vault { - # https://www.nomadproject.io/docs/configuration/vault - enabled = true - address = "https://127.0.0.1:8200" - tls_skip_verify = true - create_from_role = "nomad-cluster" -} EOF # Add VAULT_TOKEN placeholder, replace w/ real token