add vault option

This commit is contained in:
vincent 2022-03-22 18:38:02 +01:00
parent 58f257a126
commit 1d6d26428e
2 changed files with 17 additions and 0 deletions

View File

@ -3,3 +3,9 @@ nomad_data_dir: /opt/nomad
nomad_bind_addr: 0.0.0.0 nomad_bind_addr: 0.0.0.0
nomad_datacenter: dc1 nomad_datacenter: dc1
nomad_bootstrap_expect: 3 nomad_bootstrap_expect: 3
nomad_vault_enabled: False
nomad_vault_address: "https://active.vault.service.consul:8200"
nomad_vault_token_ttl: "1h"
nomad_vault_namespace: "secrets/nomad/"
nomad_vault_role: "nomad-cluster"
nomad_vault_token: ""

View File

@ -20,3 +20,14 @@ plugin "raw_exec" {
consul { consul {
address = "127.0.0.1:8500" address = "127.0.0.1:8500"
} }
{% if nomad_vault_enabled %}
vault {
enabled = true
address = {{ nomad_vault_address}}
create_from_role = {{ nomad_vault_role }}
token = {{ nomad_vault_token }}
namespace = {{ nomad_vault_namespace}}
task_token_ttl = {{ nomad_vault_token_ttl }}
}
{% endif %}