fix(nomad): token role only for servers - hashipi - Raspberry Pi Test Cluster for HashiCorp Vault, Nomad and Consul

commit e450a73950172ae6663c35ed6f250216fd70e4b9
parent 9cf0b86f4c18d7f4a7df0ba482153e6fc76c4f11
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Thu, 20 Jul 2023 19:12:35 +0200

fix(nomad): token role only for servers

Diffstat:
M nomad.sh  | 6 +++++-

1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/nomad.sh b/nomad.sh
@@ -42,7 +42,11 @@ vault {
   enabled = true
   address = "https://127.0.0.1:8200"
   tls_skip_verify = true
-  create_from_role = "nomad-cluster"
+$(if [[ "$NOMAD_SERVER" = true ]]; then
+  # Only servers create further Tokens for clients from the Token role
+  # https://developer.hashicorp.com/nomad/docs/configuration/vault#nomad-client
+  echo "  create_from_role = "nomad-cluster""
+fi)
 }
 EOF

	hashipi Raspberry Pi Test Cluster for HashiCorp Vault, Nomad and Consul
	git clone https://git.in0rdr.ch/hashipi.git
	Log \| Files \| Refs \| README