From 2466f984680409f2f1bcf0f936b052dd1ecbfeb9 Mon Sep 17 00:00:00 2001
From: Ian Fijolek <ian@iamthefij.com>
Date: Tue, 23 Aug 2022 09:50:55 -0700
Subject: [PATCH] Allow specifying https endpoints and fetching nomad token

---
 nomad/providers.tf | 21 +++++++++++++--------
 nomad/vars.tf      | 10 ++++++++++
 2 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/nomad/providers.tf b/nomad/providers.tf
index f454d1c..123a4c2 100644
--- a/nomad/providers.tf
+++ b/nomad/providers.tf
@@ -24,15 +24,20 @@ locals {
   vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
 }
 
-# Configure the Nomad provider
-provider "nomad" {
-  address   = local.nomad_node_address
-  secret_id = var.nomad_secret_id
-  region    = "global"
-}
-
 # Configure the Vault provider
 provider "vault" {
-  address = local.vault_node_address
+  address = length(var.vault_address) == 0 ? local.vault_node_address : var.vault_address
   token   = var.vault_token
 }
+
+data "vault_nomad_access_token" "admin" {
+  backend = "nomad"
+  role    = "admin"
+}
+
+# Configure the Nomad provider
+provider "nomad" {
+  address   = length(var.nomad_address) == 0 ? local.nomad_node_address : var.nomad_address
+  secret_id = length(var.nomad_secret_id) == 0 ? data.vault_nomad_access_token.admin.secret_id : var.nomad_secret_id
+  region    = "global"
+}
diff --git a/nomad/vars.tf b/nomad/vars.tf
index b352b2a..9fe54fc 100644
--- a/nomad/vars.tf
+++ b/nomad/vars.tf
@@ -3,6 +3,16 @@ variable "consul_address" {
   default = "http://n1.thefij:8500"
 }
 
+variable "vault_address" {
+  type    = string
+  default = ""
+}
+
+variable "nomad_address" {
+  type    = string
+  default = ""
+}
+
 variable "base_hostname" {
   type        = string
   description = "Base hostname to serve content from"