homelab-nomad/services/nomad-fixers.tf

23 lines
507 B
Terraform
Raw Permalink Normal View History

resource "nomad_job" "nomad-fixers" {
jobspec = file("${path.module}/nomad-fixers.nomad")
}
resource "nomad_acl_policy" "nomad_fixers_workload" {
name = "nomad-fixers-workload"
description = "Give nomad fixers access to the Nomad api for fixing things"
rules_hcl = <<EOH
namespace "default" {
capabilities = [
"list-jobs",
"read-job",
"submit-job", # This allows deleting a service registeration
"alloc-lifecycle",
]
}
EOH
job_acl {
job_id = "fixers/*"
}
}