mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-25 09:36:14 +01:00
Update secret path for Hydra
Signed-off-by: Magic_RB <magic_rb@redalder.org>
This commit is contained in:
parent
1e5e4bc061
commit
8411477669
|
@ -32,7 +32,7 @@ in
|
|||
resource."vault_policy"."hydra-policy" = {
|
||||
name = "hydra-policy";
|
||||
policy = ''
|
||||
path "kv/data/hydra" {
|
||||
path "kv/data/cluster/hydra" {
|
||||
capabilities = ["read"]
|
||||
}
|
||||
'';
|
||||
|
|
|
@ -122,7 +122,7 @@ job "hydra" {
|
|||
|
||||
template {
|
||||
data = <<EOF
|
||||
{{ with secret "kv/data/hydra" }}{{ .Data.data.nixbuild_key }}{{ end }}
|
||||
{{ with secret "kv/data/cluster/hydra" }}{{ .Data.data.nixbuild_key }}{{ end }}
|
||||
EOF
|
||||
destination = "secrets/ssh-key"
|
||||
perms = "400"
|
||||
|
@ -137,7 +137,7 @@ EOF
|
|||
|
||||
template {
|
||||
data = <<EOF
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/hydra" }}{{ .Data.data.pgpass}}{{ end }}
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/cluster/hydra" }}{{ .Data.data.pgpass }}{{ end }}
|
||||
EOF
|
||||
destination = "secrets/pgpass"
|
||||
perms = "400"
|
||||
|
@ -145,7 +145,7 @@ EOF
|
|||
|
||||
template {
|
||||
data = <<EOF
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/hydra" }}{{ .Data.data.pgpass}}{{ end }}
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/cluster/hydra" }}{{ .Data.data.pgpass }}{{ end }}
|
||||
EOF
|
||||
destination = "secrets/pgpass-www"
|
||||
perms = "400"
|
||||
|
@ -153,7 +153,7 @@ EOF
|
|||
|
||||
template {
|
||||
data = <<EOF
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/hydra" }}{{ .Data.data.pgpass}}{{ end }}
|
||||
127.0.0.1:*:*:hydra:{{ with secret "kv/data/cluster/hydra" }}{{ .Data.data.pgpass }}{{ end }}
|
||||
EOF
|
||||
destination = "secrets/pgpass-queue-runner"
|
||||
perms = "400"
|
||||
|
@ -184,7 +184,7 @@ EOF
|
|||
|
||||
template {
|
||||
data = <<EOF
|
||||
alter user hydra with encrypted password '{{ with secret "kv/data/hydra" }}{{ .Data.data.pgpass}}{{ end }}';
|
||||
alter user hydra with encrypted password '{{ with secret "kv/data/cluster/hydra" }}{{ .Data.data.pgpass }}{{ end }}';
|
||||
EOF
|
||||
destination = "secrets/init.sql"
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue