diff --git a/traefik/traefik.nomad b/traefik/traefik.nomad index da66359..bc9c924 100644 --- a/traefik/traefik.nomad +++ b/traefik/traefik.nomad @@ -73,8 +73,18 @@ job "traefik" { mount { type = "bind" target = "/etc/traefik" - source = "config" + source = "local/config" } + + mount { + type = "bind" + target = "/etc/traefik/usersfile" + source = "secrets/usersfile" + } + } + + vault { + policies = ["access-tables", "nomad-task"] } template { @@ -125,13 +135,10 @@ job "traefik" { [providers.consulCatalog.endpoint] address = "http://<< env "CONSUL_HTTP_ADDR" >>" EOH - destination = "/config/traefik.toml" + destination = "local/config/traefik.toml" } template { - # Avoid conflict with TOML lists [[ ]] and Go templates {{ }} - left_delimiter = "<<" - right_delimiter = ">>" data = <> + {{ with service "nomad-client" -}} [http.services.nomad] [http.services.nomad.loadBalancer] - << range . ->> + {{ range . -}} [[http.services.nomad.loadBalancer.servers]] - url = "http://<< .Address >>:<< .Port >>" - << end >> - <<- end >> - << with service "consul" ->> + url = "http://{{ .Address }}:{{ .Port }}" + {{ end }} + {{- end }} + {{ with service "consul" -}} [http.services.consul] [http.services.consul.loadBalancer] - << range . ->> + {{ range . -}} [[http.services.consul.loadBalancer.servers]] # Not using .Port because that's an RPC port - url = "http://<< .Address >>:8500" - << end >> - <<- end >> - << with service "vault" ->> + url = "http://{{ .Address }}:8500" + {{ end }} + {{- end }} + {{ with service "vault" -}} [http.services.vault] [http.services.vault.loadBalancer] - << range . ->> + {{ range . -}} [[http.services.vault.loadBalancer.servers]] - url = "http://<< .Address >>:<< .Port >>" - << end >> - <<- end >> + url = "http://{{ .Address }}:{{ .Port }}" + {{ end }} + {{- end }} EOH - destination = "/config/conf/route-hashi.toml" + destination = "local/config/conf/route-hashi.toml" + change_mode = "noop" + } + + template { + data = <