Shim service allowing authenticating a Nomad session using Vault
Ian Fijolek
b1cbe02cc8
All checks were successful
continuous-integration/drone/push Build is passing
|
||
---|---|---|
.drone.yml | ||
.gitignore | ||
Dockerfile | ||
LICENSE | ||
main.py | ||
README.md | ||
requirements.txt |
nomad-vault-login
Shim service allowing authenticating a Nomad session using Vault
This service would runs along side Nomad and Vault and proxied on the same hostname so it can write to localstorage. It then provides a form to allow authentication with Vault and then will retrieve the token and store that in the browser for Nomad to use.
Instructions
You can configure the service through environment variables.
BIND_HOST
: Host to bind the server on. Defaults to0.0.0.0
.BIND_PORT
: Port to bind the server on. Defaults to5000
.VAULT_ADDR
: Address where we can find Vault. Defaults tohttp://127.0.0.1:8200
.NOMAD_ROLE
: Default Nomad role to request from Vault. Defaults toadmin
.
Example Caddyfile
nomad.example.com {
reverse_proxy /login localhost:5000
reverse_proxy localhost:4646
}