mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-29 19:46:17 +01:00
57 lines
1.5 KiB
HCL
57 lines
1.5 KiB
HCL
module "blowhole-consul-agent" {
|
|
source = "./consul-agent"
|
|
|
|
hostname = "blowhole"
|
|
datacenter = "homelab-1"
|
|
|
|
vault_consul_secret_backend = vault_consul_secret_backend.consul
|
|
vault_mount = vault_mount.kv
|
|
|
|
encryption_key_path = local.blowhole.consul.encryption_key_path
|
|
encryption_key = random_id.homelab-1_consul_encryption_key.b64_std
|
|
|
|
agent_token_path = local.blowhole.consul.agent_token_path
|
|
anonymous_token_path = local.blowhole.consul.anonymous_token_path
|
|
|
|
consul-anonymous = {
|
|
secret = data.consul_acl_token_secret_id.consul-anonymous.secret_id
|
|
accessor = consul_acl_token.consul-anonymous.id
|
|
}
|
|
}
|
|
|
|
module "blowhole-nomad-server" {
|
|
source = "./nomad-server"
|
|
|
|
hostname = "blowhole"
|
|
datacenter = "homelab-1"
|
|
|
|
vault_consul_secret_backend = vault_consul_secret_backend.consul
|
|
vault_mount = vault_mount.kv
|
|
vault_token_path = local.blowhole.nomad.vault_token_path
|
|
|
|
encryption_key_path = local.blowhole.nomad.encryption_key_path
|
|
encryption_key = random_id.nomad_encryption_key.b64_std
|
|
|
|
consul_token_path = local.blowhole.nomad.consul_token_path
|
|
}
|
|
|
|
module "blowhole-upload-approles" {
|
|
source = "./upload-approles"
|
|
|
|
hostname = "blowhole"
|
|
host = "10.64.2.1"
|
|
user = "main"
|
|
|
|
policies = [
|
|
module.blowhole-consul-agent.vault_policy.name,
|
|
module.blowhole-nomad-server.vault_policy.name,
|
|
vault_policy.pki-inra-update.name
|
|
]
|
|
|
|
metadata = {
|
|
"ip_address" = "blowhole.in.redalder.org"
|
|
}
|
|
|
|
vault_auth_approle = vault_auth_backend.approle
|
|
}
|