commit caa51c4ff4186d4c7185cf359b922894dedb8b65
parent e8160380cb6c539e6b48dcacf74d7233f331190a
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date: Sat, 27 Jul 2024 15:49:35 +0200
feat: workload identities
Diffstat:
7 files changed, 14 insertions(+), 35 deletions(-)
diff --git a/hcl/default/ampache/ampache.nomad b/hcl/default/ampache/ampache.nomad
@@ -1,10 +1,7 @@
job "ampache" {
datacenters = ["dc1"]
- vault {
- policies = ["ampache"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
diff --git a/hcl/default/hivedav-demo/hivedav-demo.nomad b/hcl/default/hivedav-demo/hivedav-demo.nomad
@@ -3,10 +3,7 @@ job "hivedav-demo" {
priority = 80
- vault {
- policies = ["hivedav"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
@@ -82,12 +79,12 @@ job "hivedav-demo" {
env = true
destination = "${NOMAD_SECRETS_DIR}/env"
data = <<EOT
-HIVEDAV_CALDAV_HOST = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_CALDAV_HOST}}{{end}}"
-HIVEDAV_CALDAV_USER = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_CALDAV_USER}}{{end}}"
-HIVEDAV_CALDAV_PASSWORD = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_CALDAV_PASSWORD}}{{end}}"
-HIVEDAV_SMTP_HOST = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_SMTP_HOST}}{{end}}"
-HIVEDAV_SMTP_USER = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_SMTP_USER}}{{end}}"
-HIVEDAV_SMTP_PASSWORD = "{{with secret "kv/hivedav"}}{{index .Data.data.HIVEDAV_SMTP_PASSWORD}}{{end}}"
+HIVEDAV_CALDAV_HOST = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_HOST}}{{end}}"
+HIVEDAV_CALDAV_USER = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_USER}}{{end}}"
+HIVEDAV_CALDAV_PASSWORD = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_CALDAV_PASSWORD}}{{end}}"
+HIVEDAV_SMTP_HOST = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_HOST}}{{end}}"
+HIVEDAV_SMTP_USER = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_USER}}{{end}}"
+HIVEDAV_SMTP_PASSWORD = "{{with secret "kv/hivedav-demo"}}{{index .Data.data.HIVEDAV_SMTP_PASSWORD}}{{end}}"
EOT
}
diff --git a/hcl/default/kanboard/kanboard.nomad b/hcl/default/kanboard/kanboard.nomad
@@ -6,10 +6,7 @@ job "kanboard" {
priority = 80
- vault {
- policies = ["kanboard"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
diff --git a/hcl/default/mastodon/mastodon.nomad b/hcl/default/mastodon/mastodon.nomad
@@ -3,10 +3,7 @@
job "mastodon" {
datacenters = ["dc1"]
- vault {
- policies = ["mastodon"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
diff --git a/hcl/default/myheats-demo/myheats-demo.nomad b/hcl/default/myheats-demo/myheats-demo.nomad
@@ -3,10 +3,7 @@ job "myheats-demo" {
priority = 80
- vault {
- policies = ["myheats"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
@@ -52,7 +49,7 @@ job "myheats-demo" {
destination = "${NOMAD_SECRETS_DIR}/env"
data = <<EOT
VITE_APP_SUPABASE_URL = "https://aaxkgqazjhwumoljibld.supabase.co"
-VITE_APP_SUPABASE_KEY = "{{with secret "kv/myheats"}}{{index .Data.data.supabase_key}}{{end}}"
+VITE_APP_SUPABASE_KEY = "{{with secret "kv/myheats-demo"}}{{index .Data.data.supabase_key}}{{end}}"
EOT
}
diff --git a/hcl/default/snibox/snibox.nomad b/hcl/default/snibox/snibox.nomad
@@ -1,10 +1,7 @@
job "snibox" {
datacenters = ["dc1"]
- vault {
- policies = ["snibox"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
diff --git a/hcl/default/writefreely/writefreely.nomad b/hcl/default/writefreely/writefreely.nomad
@@ -1,10 +1,7 @@
job "writefreely" {
datacenters = ["dc1"]
- vault {
- policies = ["writefreely"]
- change_mode = "noop"
- }
+ vault {}
group "server" {
count = 1
