24 lines
846 B
Markdown
24 lines
846 B
Markdown
# nomad-vault-login
|
|
|
|
Shim service allowing authenticating a Nomad session using Vault
|
|
|
|
This service would runs along side Nomad and Vault and proxied on the same hostname so it can write to localstorage. It then provides a form to allow authentication with Vault and then will retrieve the token and store that in the browser for Nomad to use.
|
|
|
|
## Instructions
|
|
|
|
You can configure the service through environment variables.
|
|
|
|
* `BIND_HOST`: Host to bind the server on. Defaults to `0.0.0.0`.
|
|
* `BIND_PORT`: Port to bind the server on. Defaults to `5000`.
|
|
* `VAULT_ADDR`: Address where we can find Vault. Defaults to `http://127.0.0.1:8200`.
|
|
* `NOMAD_ROLE`: Default Nomad role to request from Vault. Defaults to `admin`.
|
|
|
|
Example Caddyfile
|
|
|
|
```caddyfile
|
|
nomad.example.com {
|
|
reverse_proxy /login localhost:5000
|
|
reverse_proxy localhost:4646
|
|
}
|
|
```
|