Fix lldap secrets

IamTheFij 2024-01-23 12:07:42 -08:00
parent 6fe1b200f2
commit 0a2eace3dd
2 changed files with 5 additions and 4 deletions


@ -215,7 +215,7 @@ delay = yes
accept = {{ env "NOMAD_PORT_tls" }}
connect = 127.0.0.1:{{ env "NOMAD_PORT_ldap" }}
ciphers = PSK
PSKsecrets = {{ env "NOMAD_TASK_DIR" }}/stunnel_psk.txt
PSKsecrets = {{ env "NOMAD_SECRETS_DIR" }}/stunnel_psk.txt
[mysql_client]
client = yes
@ -234,7 +234,7 @@ PSKsecrets = {{ env "NOMAD_SECRETS_DIR" }}/mysql_stunnel_psk.txt
{{ with nomadVar .Path }}{{ .psk }}{{ end }}
{{ end -}}
EOF
destination = "$${NOMAD_TASK_DIR}/stunnel_psk.txt"
destination = "$${NOMAD_SECRETS_DIR}/stunnel_psk.txt"
}
template {
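Review bot: The template stanza that writes `stunnel_psk.txt` in the second hunk shows no `perms` setting in the visible lines, and Nomad renders templates with mode 644 by default; the stanza opens above the hunk, so it may already be set there. Moving the file into `NOMAD_SECRETS_DIR` keeps it out of the allocation filesystem API, but the PSK should also be unreadable to other users inside the task, so add `perms = "600"` next to `destination` if it is missing. A comment such as `# PSKs are rendered into secrets/ so they are not readable through alloc fs` would record why this `destination` and the `PSKsecrets` line in the stunnel config must stay in step.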


@ -16,6 +16,9 @@ resource "nomad_acl_policy" "lldap_ldap_secrets" {
rules_hcl = <<EOH
namespace "default" {
variables {
path "secrets/ldap/*" {
capabilities = ["read"]
}
path "secrets/ldap" {
capabilities = ["read"]
}
@ -25,8 +28,6 @@ EOH
job_acl {
job_id = resource.nomad_job.lldap.id
group = "lldap"
task = "lldap"
}
}
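Review bot: The `path "secrets/ldap/*"` rule in the first hunk grants read on every variable under that prefix, which may be broader than the workload needs. If the job only consumes known sub-paths, list those instead of the wildcard, or add a comment inside `rules_hcl` such as `# wildcard needed: job templates read the PSK variables under this prefix`. The rendered page does not show which two lines the second hunk removes from `job_acl`. If they are `group` and `task`, the policy now attaches to every task in the lldap job rather than one, and that widening should be stated in a comment beside `job_id`.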