commit 63b12beb033a1c1b53e959558589f30ad1d3faa3 parent 619a2a2ac8ff2b4edd930945bc6b4579fac2b5a8 Author: Andreas Gruhler <andreas.gruhler@adfinis.com> Date: Thu, 20 Jul 2023 18:03:14 +0200 fix(nomad): add vault stanza to client Diffstat:
| M | nomad.sh | | | 18 | ++++++++++-------- |
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/nomad.sh b/nomad.sh @@ -34,6 +34,16 @@ consul { cert_file = "/opt/consul/tls/dc1-server-consul.pem" key_file = "/opt/consul/tls/dc1-server-consul-key.pem" } + +vault { + # https://www.nomadproject.io/docs/configuration/vault + # Nomad servers require a Vault Token set in /etc/nomad.d/nomad.env + # Nomad clients use the use the allocation's Vault token + enabled = true + address = "https://127.0.0.1:8200" + tls_skip_verify = true + create_from_role = "nomad-cluster" +} EOF @@ -67,14 +77,6 @@ server { } } } - -vault { - # https://www.nomadproject.io/docs/configuration/vault - enabled = true - address = "https://127.0.0.1:8200" - tls_skip_verify = true - create_from_role = "nomad-cluster" -} EOF # Add VAULT_TOKEN placeholder, replace w/ real token