24 lines
470 B
HCL
24 lines
470 B
HCL
resource "nomad_job" "lego" {
|
|
jobspec = file("${path.module}/lego.nomad")
|
|
}
|
|
|
|
resource "nomad_acl_policy" "secrets_certs_write" {
|
|
name = "secrets-certs-write"
|
|
description = "Write certs to secrets store"
|
|
rules_hcl = <<EOH
|
|
namespace "default" {
|
|
variables {
|
|
path "secrets/certs/*" {
|
|
capabilities = ["write", "read"]
|
|
}
|
|
path "secrets/certs" {
|
|
capabilities = ["write", "read"]
|
|
}
|
|
}
|
|
}
|
|
EOH
|
|
job_acl {
|
|
job_id = "lego/*"
|
|
}
|
|
}
|