README (648B)
1 NOMAD VAULT TLS 2 --------------- 3 4 Run periodic batch job to replace the Vault API certificate. 5 6 The job can be started with the Vault API name and the user (sudoer): 7 8 nomad run -var user=sudoer -var api_addr=vault.example.com nomad-vault-tls.nomad 9 10 The job uses variables and is no `parametrized`, because the parameters seem to 11 only evaluate inside the tasks `config` stanza (`user` is under `task`). 12 13 SUDOER USER 14 ----------- 15 16 The sudoer user needs permissions to change the TLS certificate permissions and 17 reload Vault: 18 19 - chown vault:vault cert.pem 20 - reload vault (SIGHUP) 21 22 TODO: SYSBATCH 23 -------------- 24 25 See comment in nomad-vault-tls.hcl