jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-07-27 00:05:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2023-07-17 17:00

Browse Source
This commit is contained in:
Daniel Berteaud
2023-07-17 17:00:22 +02:00
parent 85e37af6d5
commit 0ab5afe51b
7 changed files with 30 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/vault_agent/templates/nomad/nomad.hcl.j2
View File

@@ -6,7 +6,7 @@ template {
right_delimiter = "]]"
perms = 0640
exec {
# Wait a few sec before reloading Nomad as it fails if reloaded while not fully initialized yet
# No need to restart Nomad as the previous token will be renewed by Nomad itself
command = ["chown", ":{{ nomad_user }}", "/run/nomad/vault.env"]
}
}
@@ -34,7 +34,7 @@ template {
perms = 0640
{% if vault_agent_nomad.nomad_pki.cli.enabled and vault_agent_nomad.nomad_pki.cli.secret_path is defined %}
exec {
command = "{{ vault_agent_root_dir }}/bin/update_nomad_cert.sh"
command = ["sh", "-c", "export $(cat /run/nomad/vault.env) && {{ vault_agent_root_dir }}/bin/update_nomad_cert.sh"]
}
{% endif %}
}
@@ -63,7 +63,7 @@ template {
right_delimiter = "]]"
perms = 0640
exec {
command = ["chown", ":{{ nomad_user}}", "/run/nomad/consul.env"]
command = ["sh", "-c", "chown :{{ nomad_user }} /run/nomad/consul.env && systemctl restart nomad"]
}
}
{% endif %}