ansible-roles/roles/nomad/templates/consul-template.hcl.j2

vault {
  address      = "{{ nomad_vault.address }}"
  token        = "{{ nomad_vault.token }}"
  unwrap_token = false
}

template {
  source          = "{{ nomad_root_dir }}/consul-template/agent.crt.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ nomad_conf.tls.cert_file }}"
  perms           = 0644
  exec {
    command = "systemctl reload nomad"
  }
}

template {
  source          = "{{ nomad_root_dir }}/consul-template/agent.key.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ nomad_conf.tls.key_file }}"
  perms           = 0640
  exec {
    command = ["sh", "-c", "chgrp {{ nomad_user }} {{ nomad_conf.tls.key_file }} && systemctl reload nomad"]
  }
}

template {
  source          = "{{ nomad_root_dir }}/consul-template/ca.crt.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ nomad_conf.tls.ca_file }}"
  perms           = 0644
  exec {
    command = "systemctl reload nomad"
  }
}

template {
  source          = "{{ nomad_root_dir }}/consul-template/cli.crt.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ nomad_root_dir }}/tls/cli.crt"
}

template {
  source          = "{{ nomad_root_dir }}/consul-template/cli.key.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ nomad_root_dir }}/tls/cli.key"
  perms           = 0640
}
Update to 2022-09-02 18:00 2022-09-02 18:00:22 +02:00			`vault {`
			`address = "{{ nomad_vault.address }}"`
			`token = "{{ nomad_vault.token }}"`
			`unwrap_token = false`
			`}`

			`template {`
			`source = "{{ nomad_root_dir }}/consul-template/agent.crt.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ nomad_conf.tls.cert_file }}"`
			`perms = 0644`
			`exec {`
			`command = "systemctl reload nomad"`
			`}`
			`}`

			`template {`
			`source = "{{ nomad_root_dir }}/consul-template/agent.key.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ nomad_conf.tls.key_file }}"`
			`perms = 0640`
			`exec {`
			`command = ["sh", "-c", "chgrp {{ nomad_user }} {{ nomad_conf.tls.key_file }} && systemctl reload nomad"]`
			`}`
			`}`

			`template {`
			`source = "{{ nomad_root_dir }}/consul-template/ca.crt.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ nomad_conf.tls.ca_file }}"`
			`perms = 0644`
			`exec {`
			`command = "systemctl reload nomad"`
			`}`
			`}`

			`template {`
			`source = "{{ nomad_root_dir }}/consul-template/cli.crt.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ nomad_root_dir }}/tls/cli.crt"`
			`}`

			`template {`
			`source = "{{ nomad_root_dir }}/consul-template/cli.key.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ nomad_root_dir }}/tls/cli.key"`
			`perms = 0640`
			`}`