Add consul back to terraform temporarily while I transition

This commit is contained in:
IamTheFij 2023-03-24 12:48:53 -07:00
parent d8307935f5
commit 9204f3c7f0
3 changed files with 64 additions and 1 deletions

19
.terraform.lock.hcl generated
View File

@ -57,3 +57,22 @@ provider "registry.terraform.io/hashicorp/nomad" {
"zh:ffd1e096c1cc35de879c740a91918e9f06b627818a3cb4b1d87b829b54a6985f", "zh:ffd1e096c1cc35de879c740a91918e9f06b627818a3cb4b1d87b829b54a6985f",
] ]
} }
provider "registry.terraform.io/hashicorp/vault" {
version = "3.14.0"
hashes = [
"h1:/0pqMLODukJUiVpBdxXbb8vwp0HCtbTXWFq0BaNkcZM=",
"zh:07e797c3b14cc45f1a3fa3adb6269f28f182630b9af9403a2a447919d4e9992a",
"zh:0d88c6c50f7975f60c84d446bf95b26652c9457e62f2d5b24221b769d6daf809",
"zh:1670c513f85788308d317e45038234ac367f52f7bd0ea8f527f0a6291dd23659",
"zh:1b5a07fd053a0d7d1da80cb3e929b44c000c614d3738bb7ff82b4d56ed854017",
"zh:34a43de7f3d3749cbc50b81b84fe38961c3dfbda819708a814c2206045ecf69b",
"zh:416f710365d060c8239522363257e162a267c01463ac95ad2c2dd0acf05b6d35",
"zh:73956090e0e9b69adbcfe1bcaad20ec45779f2e7f3f2fb3a5f865402a2cd2485",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:e2df6077e925a8438cfd2deb3bce5f1029a2e3edd2a635b12636d426390600dd",
"zh:e3e2797ae1cfc6aff66329ee81baaf780e1f5f295ad887ac7ff4c1e2754a8c8c",
"zh:f34ec435d16244ecf0f909872850070428aeadd352b6a21ab1f787d81f8bae9f",
"zh:f3a930e64b2c10d2ece5acc856d3438cdd375ccfc5ac10fc4a8fe163f74af93a",
]
}

View File

@ -1,6 +1,45 @@
# Configure Consul provider
provider "consul" {
address = var.consul_address
}
# Get Nomad client from Consul
data "consul_service" "nomad" {
name = "nomad-client"
}
# Get Vault client from Consul
data "consul_service" "vault" {
name = "vault"
tag = "active"
}
locals {
# Get Nomad address from Consul
nomad_node = data.consul_service.nomad.service[0]
nomad_node_address = "http://${local.nomad_node.node_address}:${local.nomad_node.port}"
# Get Vault address from Consul
vault_node = data.consul_service.vault.service[0]
vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
}
# Configure the Vault provider
provider "vault" {
address = length(var.vault_address) == 0 ? local.vault_node_address : var.vault_address
token = var.vault_token
}
# Something that should exist in a post bootstrap module, right now module includes bootstrapping
# which requries Admin
# data "vault_nomad_access_token" "deploy" {
# backend = "nomad"
# role = "deploy"
# }
# Configure the Nomad provider # Configure the Nomad provider
provider "nomad" { provider "nomad" {
address = var.nomad_address address = length(var.nomad_address) == 0 ? local.nomad_node_address : var.nomad_address
secret_id = var.nomad_secret_id secret_id = var.nomad_secret_id
# secret_id = length(var.nomad_secret_id) == 0 ? data.vault_nomad_access_token.admin.secret_id : var.nomad_secret_id # secret_id = length(var.nomad_secret_id) == 0 ? data.vault_nomad_access_token.admin.secret_id : var.nomad_secret_id
region = "global" region = "global"

View File

@ -1,3 +1,8 @@
variable "consul_address" {
type = string
default = "http://n1.thefij:8500"
}
variable "nomad_address" { variable "nomad_address" {
type = string type = string
default = "http://n1.thefij:4646" default = "http://n1.thefij:4646"