WIP: Allow specifying https endpoints and fetching nomad token

2022-08-23 09:50:55 -07:00 · 2022-08-23 09:50:55 -07:00 · c62a0118a5
parent 599dd02bdc
commit c62a0118a5
2 changed files with 26 additions and 8 deletions
--- a/providers.tf
+++ b/providers.tf
@ -24,15 +24,23 @@ locals {
  vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
 }

-# Configure the Nomad provider
-provider "nomad" {
-  address   = local.nomad_node_address
-  secret_id = var.nomad_secret_id
-  region    = "global"
-}
-
 # Configure the Vault provider
 provider "vault" {
-  address = local.vault_node_address
+  address = length(var.vault_address) == 0 ? local.vault_node_address : var.vault_address
  token   = var.vault_token
 }
+
+# Something that should exist in a post bootstrap module, right now module includes bootstrapping
+# which requries Admin
+# data "vault_nomad_access_token" "deploy" {
+#   backend = "nomad"
+#   role    = "deploy"
+# }
+
+# Configure the Nomad provider
+provider "nomad" {
+  address   = length(var.nomad_address) == 0 ? local.nomad_node_address : var.nomad_address
+  secret_id = var.nomad_secret_id
+  # secret_id = length(var.nomad_secret_id) == 0 ? data.vault_nomad_access_token.admin.secret_id : var.nomad_secret_id
+  region = "global"
+}
--- a/vars.tf
+++ b/vars.tf
@ -3,6 +3,16 @@ variable "consul_address" {
  default = "http://n1.thefij:8500"
 }

+variable "vault_address" {
+  type    = string
+  default = ""
+}
+
+variable "nomad_address" {
+  type    = string
+  default = ""
+}
+
 variable "base_hostname" {
  type        = string
  description = "Base hostname to serve content from"