2023-05-03 21:16:47 +00:00
|
|
|
resource "nomad_job" "mysql-server" {
|
|
|
|
jobspec = file("${path.module}/mysql.nomad")
|
|
|
|
|
|
|
|
# Block until deployed as there are servics dependent on this one
|
|
|
|
detach = false
|
|
|
|
}
|
|
|
|
|
2023-08-29 19:48:48 +00:00
|
|
|
resource "nomad_acl_policy" "secrets_mysql" {
|
|
|
|
name = "secrets-mysql"
|
|
|
|
description = "Give access to MySQL secrets"
|
|
|
|
rules_hcl = <<EOH
|
|
|
|
namespace "default" {
|
|
|
|
variables {
|
|
|
|
path "secrets/mysql/*" {
|
|
|
|
capabilities = ["read"]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
EOH
|
|
|
|
|
|
|
|
job_acl {
|
|
|
|
job_id = resource.nomad_job.mysql-server.id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-05-03 21:16:47 +00:00
|
|
|
resource "nomad_job" "postgres-server" {
|
|
|
|
jobspec = file("${path.module}/postgres.nomad")
|
|
|
|
|
|
|
|
# Block until deployed as there are servics dependent on this one
|
|
|
|
detach = false
|
|
|
|
}
|
|
|
|
|
2023-08-29 19:48:48 +00:00
|
|
|
resource "nomad_acl_policy" "secrets_postgres" {
|
|
|
|
name = "secrets-postgres"
|
|
|
|
description = "Give access to Postgres secrets"
|
|
|
|
rules_hcl = <<EOH
|
|
|
|
namespace "default" {
|
|
|
|
variables {
|
|
|
|
path "secrets/postgres/*" {
|
|
|
|
capabilities = ["read"]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
EOH
|
|
|
|
|
|
|
|
job_acl {
|
|
|
|
job_id = resource.nomad_job.postgres-server.id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-05-03 21:16:47 +00:00
|
|
|
resource "nomad_job" "redis" {
|
2023-07-07 22:50:23 +00:00
|
|
|
for_each = toset(["blocky", "authelia"])
|
|
|
|
|
|
|
|
jobspec = templatefile("${path.module}/redis.nomad",
|
|
|
|
{
|
|
|
|
name = each.key,
|
|
|
|
}
|
|
|
|
)
|
2023-05-03 21:16:47 +00:00
|
|
|
|
|
|
|
# Block until deployed as there are servics dependent on this one
|
|
|
|
detach = false
|
|
|
|
}
|