2022-09-06 18:00:22 +02:00
|
|
|
[[ with secret "{{ nomad_vault_secrets.pki.path }}/issue/{{ nomad_vault_secrets.pki.role }}" "common_name={{ (nomad_conf.server.enabled) | ternary('server', 'client') }}-{{ ansible_fqdn | regex_replace('\\.', '-') }}.{{ nomad_conf.region | default('global') }}.nomad" "alt_names=localhost,{{ (nomad_conf.server.enabled) | ternary('server', 'client') }}.{{ nomad_conf.region | default('global') }}.nomad{% if nomad_conf.server.enabled and nomad_conf.client.enabled %},client.{{ nomad_conf.region | default('global') }}.nomad{% endif %}{% if consul_conf is defined %},nomad{{ nomad_conf.server.enabled | ternary('', '-client') }}.service.{{ consul_conf.domain | default('consul') }}{% endif %}"{% if nomad_vault_secrets.pki.ttl is defined %} "ttl={{ nomad_vault_secrets.pki.ttl }}"{% endif %} ]]
|
2022-09-02 18:00:22 +02:00
|
|
|
[[ .Data.{{ item.what }} ]]
|
|
|
|
|
[[ end ]]
|
2022-09-04 19:00:20 +02:00
|
|
|
{% if item.what == 'certificate' %}
|
2022-09-06 18:00:22 +02:00
|
|
|
[[ with secret "{{ nomad_vault_secrets.pki.path }}/cert/ca" ]]
|
2022-09-04 19:00:20 +02:00
|
|
|
[[ .Data.certificate ]]
|
|
|
|
|
[[ end ]]
|
|
|
|
|
{% endif %}
|
