lldap: Make it work on first bootstrap

Can't use the job id for creating the variables and permissions because we end up
with circular dependencies. The job won't return until it's successful in Nomad and it won't
start in nomad without access to varibles

databases/lldap.tf

@@ -27,7 +27,21 @@ namespace "default" {
 EOH
 
   job_acl {
-    job_id = resource.nomad_job.lldap.id
+    # job_id = resource.nomad_job.lldap.id
+    job_id = "lldap"
+  }
+}
+
+# Create self-scoped psk so that config is valid at first start
+resource "random_password" "lldap_ldap_psk" {
+  length           = 32
+  override_special = "!@#%&*-_="
+}
+
+resource "nomad_variable" "lldap_ldap_psk" {
+  path = "secrets/ldap/allowed_psks/ldap"
+  items = {
+    psk = "lldap:${resource.random_password.lldap_ldap_psk.result}"
   }
 }
 
@@ -46,7 +60,8 @@ namespace "default" {
 EOH
 
   job_acl {
-    job_id = resource.nomad_job.lldap.id
+    # job_id = resource.nomad_job.lldap.id
+    job_id = "lldap"
     group  = "lldap"
     task   = "lldap"
   }
@@ -67,7 +82,8 @@ namespace "default" {
 EOH
 
   job_acl {
-    job_id = resource.nomad_job.lldap.id
+    # job_id = resource.nomad_job.lldap.id
+    job_id = "lldap"
     group  = "lldap"
     task   = "bootstrap"
   }
@@ -99,7 +115,8 @@ namespace "default" {
 EOH
 
   job_acl {
-    job_id = resource.nomad_job.lldap.id
+    # job_id = resource.nomad_job.lldap.id
+    job_id = "lldap"
     group  = "lldap"
     task   = "stunnel"
   }