From c17a3c950ade1c397c21b76271ff4ce9175ae226 Mon Sep 17 00:00:00 2001
From: Ian Fijolek
Date: Wed, 27 Jul 2022 13:40:21 -0700
Subject: [PATCH] Add further todos for Nomad Vault
---
setup-cluster.yml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/setup-cluster.yml b/setup-cluster.yml
index 92a1649..fb4fe1f 100644
--- a/setup-cluster.yml
+++ b/setup-cluster.yml
@@ -343,9 +343,11 @@
 # Enable vault integration
 # TODO: This fails on first run because the Nomad-Vault integration can't be set up
 # until Nomad has started. Could maybe figure out if ACLs have been set up and leave
- # these out until the later play
+ # these out until the later play, maybe just bootstrap the nomad-cluster role in Vault
+ # befor Nomad is set up
 nomad_vault_address: "http://vault.service.consul:8200"
 nomad_vault_create_from_role: "nomad-cluster"
+ # TODO: Probably want to restict this to a narrower scoped token
 nomad_vault_enabled: "{{ root_token is defined }}"
 nomad_vault_token: "{{ root_token | default('') }}"
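Review bot: The added TODO about a narrower scoped token sits above `nomad_vault_enabled`, but the value it concerns is `nomad_vault_token` two lines further down, which still receives `root_token`; placing the comment directly above that key would make the intent unambiguous. The comment would be more actionable if it named the target state, for example `# TODO: replace root_token with a periodic token whose policy only allows creating tokens against the nomad-cluster role`. Until that is done a Vault root token is handed to Nomad, and since the context line `nomad_vault_address` uses plain `http://`, it presumably crosses the network unencrypted, which is worth recording in the same TODO. The added comments also contain two typos, `befor` for `before` and `restict` for `restrict`. The variable mapping these keys belong to starts and ends outside the hunk, so how `root_token` is obtained cannot be judged from here.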