jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-08-04 07:37:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2022-09-06 18:00

Browse Source
This commit is contained in:
Daniel Berteaud
2022-09-06 18:00:22 +02:00
parent ac46e06fb3
commit 382804b568
33 changed files with 311 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
roles/nomad/templates/consul-template.hcl.j2
View File

@@ -1,9 +1,12 @@
vault {
address = "{{ nomad_vault_tls.address }}"
token = "{{ nomad_vault_tls.token }}"
address = "{{ nomad_vault_secrets.vault_address }}"
token = "{{ nomad_vault_secrets.vault_token }}"
unwrap_token = false
}
# Sleep 10 sec before sending nomad service a reload to prevent it from crashing as
# Nomad doesn't support getting a reload while it's still initializing
{% if nomad_vault_secrets.pki.enabled %}
template {
source = "{{ nomad_root_dir }}/consul-template/agent.crt.tpl"
left_delimiter = "[["
@@ -11,7 +14,7 @@ template {
destination = "{{ nomad_conf.tls.cert_file }}"
perms = 0644
exec {
command = "systemctl reload nomad"
command = "sh -c 'sleep 10 && systemctl reload nomad || true'"
}
}
@@ -22,7 +25,7 @@ template {
destination = "{{ nomad_conf.tls.key_file }}"
perms = 0640
exec {
command = ["sh", "-c", "chgrp {{ nomad_user }} {{ nomad_conf.tls.key_file }} && systemctl reload nomad"]
command = ["sh", "-c", "chgrp {{ nomad_user }} {{ nomad_conf.tls.key_file }} && sleep 10 && systemctl reload nomad || true"]
}
}
@@ -33,7 +36,7 @@ template {
destination = "{{ nomad_conf.tls.ca_file }}"
perms = 0644
exec {
command = "systemctl reload nomad"
command = "sh -c 'sleep 10 && systemctl reload nomad || true'"
}
}
@@ -53,13 +56,18 @@ template {
perms = 0640
}
{% endif %}
{% endif %}
{% if nomad_conf.client.enabled and nomad_conf.consul.ssl %}
{% if nomad_vault_secrets.consul_pki.enabled and nomad_conf.client.enabled and nomad_conf.consul.ssl %}
template {
source = "{{ nomad_root_dir }}/consul-template/consul.crt.tpl"
left_delimiter = "[["
right_delimiter = "]]"
destination = "{{ nomad_conf.consul.cert_file }}"
exec {
command = "sh -c 'sleep 10 && systemctl reload nomad || true'"
}
}
template {
@@ -68,6 +76,9 @@ template {
right_delimiter = "]]"
destination = "{{ nomad_conf.consul.key_file }}"
perms = 0640
exec {
command = "sh -c 'sleep 10 && systemctl reload nomad || true'"
}
}
template {
@@ -77,8 +88,8 @@ template {
destination = "{{ nomad_conf.consul.ca_file }}"
perms = 0644
exec {
command = "systemctl reload nomad"
command = "sh -c 'sleep 10 && systemctl reload nomad || true'"
}
}
{% endif %}