hashipi

Raspberry Pi Test Cluster for HashiCorp Vault, Nomad and Consul
git clone https://git.in0rdr.ch/hashipi.git
Log | Files | Refs | README
commit f114e6a0c9b9c634e0dfcf984133f13fb428c032
parent d1ebba46c4569958694a8fc2267e713ab861a032
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Mon, 27 May 2024 19:52:05 +0200

feat: simplify hosts files

Diffstat:

Mhashi-pi.json | 28+++++++++++++++++-----------


Mhosts/pi0.json | 11+----------


Mhosts/pi1.json | 11+----------


Mhosts/pi2.json | 11+----------


Mhosts/pi3.json | 11+----------


Mhosts/pi4.json | 11+----------


6 files changed, 22 insertions(+), 61 deletions(-)

diff --git a/hashi-pi.json b/hashi-pi.json
@@ -5,27 +5,30 @@
     "authorized_keys": "",
     "img_url": "https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2023-10-10/2023-10-10-raspios-bookworm-arm64-lite.img.xz",
     "img_name": "raspi.img",
-    "flash_device_path": null,
+    "flash_device_path": "/dev/sda",
     "img_size": "4G",
-    "consul_version": "1.18.0",
+    "consul_version": "1.18.2",
     "consul_server": "true",
-    "consul_encrypt": null,
-    "consul_tls_ca": null,
-    "consul_tls_certs": null,
-    "consul_retry_join": "\"HashiPi0\", \"HashiPi1\", \"HashiPi2\"",
-    "nomad_version": "1.7.6",
+    "consul_encrypt": "",
+    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
+    "consul_tls_certs": "./tls/consul/certs/",
+    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
+    "nomad_version": "1.7.7",
     "nomad_server": "true",
     "nomad_client": "true",
     "nomad_nfs_server": "",
     "nomad_nfs_mount": "",
     "nomad_nfs_target": "",
     "nomad_podman_driver_version": "0.5.2",
-    "vault_version": "1.16.1",
+    "nomad_vault_token": "",
+    "nomad_jenkins_uid": "1312",
+    "nomad_jenkins_gid": "1312",
+    "vault_version": "1.16.2",
     "vault_tls_ca_cert": "./tls/vault/ca/vault_ca.pem",
     "vault_tls_ca_key": "./tls/vault/ca/vault_ca.key",
     "vault_tls_subj_alt_name": "IP:127.0.0.1",
-    "vault_transit_server": null,
-    "vault_transit_token": null
+    "vault_transit_server": "",
+    "vault_transit_token": ""
   },
   "sensitive-variables": [
     "consul_encrypt",
@@ -126,7 +129,10 @@
         "NFS_MOUNT_TARGET={{ user `nomad_nfs_target` }}",
         "NOMAD_SERVER={{ user `nomad_server` }}",
         "NOMAD_CLIENT={{ user `nomad_client` }}",
-        "NOMAD_PODMAN_DRIVER_VERSION={{ user `nomad_podman_driver_version` }}"
+        "NOMAD_PODMAN_DRIVER_VERSION={{ user `nomad_podman_driver_version` }}",
+        "NOMAD_VAULT_TOKEN={{ user `nomad_vault_token` }}",
+        "NOMAD_JENKINS_UID={{ user `nomad_jenkins_uid` }}",
+        "NOMAD_JENKINS_GID={{ user `nomad_jenkins_gid` }}"
       ]
     },
     {
diff --git a/hosts/pi0.json b/hosts/pi0.json
@@ -1,16 +1,7 @@
 {
     "hostname": "pi0",
     "img_name": "HashiPi-pi0.img",
-    "flash_device_path": "/dev/sda",
-    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
-    "consul_tls_certs": "./tls/consul/certs/",
-    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
-    "vault_transit_server": "",
-    "vault_transit_token": "",
-    "consul_encrypt": "",
     "consul_server": "true",
     "nomad_server": "true",
-    "nomad_client": "false",
-    "username": "pi",
-    "authorized_keys": ""
+    "nomad_client": "false"
 }
diff --git a/hosts/pi1.json b/hosts/pi1.json
@@ -1,16 +1,7 @@
 {
     "hostname": "pi1",
     "img_name": "HashiPi-pi1.img",
-    "flash_device_path": "/dev/sda",
-    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
-    "consul_tls_certs": "./tls/consul/certs/",
-    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
-    "vault_transit_server": "",
-    "vault_transit_token": "",
-    "consul_encrypt": "",
     "consul_server": "false",
     "nomad_server": "false",
-    "nomad_client": "true",
-    "username": "pi",
-    "authorized_keys": ""
+    "nomad_client": "true"
 }
diff --git a/hosts/pi2.json b/hosts/pi2.json
@@ -1,16 +1,7 @@
 {
     "hostname": "pi2",
     "img_name": "HashiPi-pi2.img",
-    "flash_device_path": "/dev/sda",
-    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
-    "consul_tls_certs": "./tls/consul/certs/",
-    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
-    "vault_transit_server": "",
-    "vault_transit_token": "",
-    "consul_encrypt": "",
     "consul_server": "true",
     "nomad_server": "true",
-    "nomad_client": "true",
-    "username": "pi",
-    "authorized_keys": ""
+    "nomad_client": "true"
 }
diff --git a/hosts/pi3.json b/hosts/pi3.json
@@ -1,16 +1,7 @@
 {
     "hostname": "pi3",
     "img_name": "HashiPi-pi3.img",
-    "flash_device_path": "/dev/sda",
-    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
-    "consul_tls_certs": "./tls/consul/certs/",
-    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
-    "vault_transit_server": "",
-    "vault_transit_token": "",
-    "consul_encrypt": "",
     "consul_server": "false",
     "nomad_server": "false",
-    "nomad_client": "true",
-    "username": "pi",
-    "authorized_keys": ""
+    "nomad_client": "true"
 }
diff --git a/hosts/pi4.json b/hosts/pi4.json
@@ -1,16 +1,7 @@
 {
     "hostname": "pi4",
     "img_name": "HashiPi-pi4.img",
-    "flash_device_path": "/dev/sda",
-    "consul_tls_ca": "./tls/consul/consul-agent-ca.pem",
-    "consul_tls_certs": "./tls/consul/certs/",
-    "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"",
-    "vault_transit_server": "",
-    "vault_transit_token": "",
-    "consul_encrypt": "",
     "consul_server": "true",
     "nomad_server": "true",
-    "nomad_client": "true",
-    "username": "pi",
-    "authorized_keys": ""
+    "nomad_client": "true"
 }