From 842e656342e5d566301f9c6a0fe7f8785f2227a4 Mon Sep 17 00:00:00 2001
From: Ian Fijolek
Date: Thu, 21 Jul 2022 20:15:11 -0700
Subject: [PATCH] Add consul bootstrap and move vault to an example
---
 .secrets-baseline | 8 ++++----
 nomad/.gitignore | 2 ++
 nomad/consul_values.example.yml | 4 ++++
 nomad/setup-cluster.yml | 7 +++++++
 ...lt_values.yml => vault_hashi_vault_values.example.yml} | 0
 5 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 nomad/consul_values.example.yml
 rename nomad/{vault_hashi_vault_values.yml => vault_hashi_vault_values.example.yml} (100%)
diff --git a/.secrets-baseline b/.secrets-baseline
index 3c1aae3..bf91ca4 100644
--- a/.secrets-baseline
+++ b/.secrets-baseline
@@ -541,10 +541,10 @@
 "is_secret": false
 }
 ],
- "nomad/vault_hashi_vault_values.yml": [
+ "nomad/vault_hashi_vault_values.example.yml": [
 {
 "type": "Secret Keyword",
- "filename": "nomad/vault_hashi_vault_values.yml",
+ "filename": "nomad/vault_hashi_vault_values.example.yml",
 "hashed_secret": "f2baa52d02ca888455ce47823f47bf372d5eecb3",
 "is_verified": false,
 "line_number": 8,
@@ -552,7 +552,7 @@
 },
 {
 "type": "Secret Keyword",
- "filename": "nomad/vault_hashi_vault_values.yml",
+ "filename": "nomad/vault_hashi_vault_values.example.yml",
 "hashed_secret": "18960546905b75c869e7de63961dc185f9a0a7c9",
 "is_verified": false,
 "line_number": 10,
@@ -560,5 +560,5 @@
 }
 ]
 },
- "generated_at": "2022-07-22T02:03:22Z"
+ "generated_at": "2022-07-22T03:15:58Z"
 }
diff --git a/nomad/.gitignore b/nomad/.gitignore
index 62bf69b..fb66e6b 100644
--- a/nomad/.gitignore
+++ b/nomad/.gitignore
@@ -4,3 +4,5 @@ vault-keys.json
 nomad_bootstrap.json
 ca/
 collections/ansible_collections/
+consul_values.yml
+vault_hashi_vault_values.yml
diff --git a/nomad/consul_values.example.yml b/nomad/consul_values.example.yml
new file mode 100644
index 0000000..023dded
--- /dev/null
+++ b/nomad/consul_values.example.yml
@@ -0,0 +1,4 @@
+consul_values:
+ "blocky/whitelists/ads": |
+ - |
+ somedomain.com
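Review bot: Ignoring `vault_hashi_vault_values.yml` in the `nomad/.gitignore` hunk only keeps the real file out of future commits; the rename at the end of this patch is `similarity index 100%`, so the new `.example.yml` carries exactly the content that was tracked before, including the two `Secret Keyword` findings the baseline still records at lines 8 and 10 with `"is_verified": false`. The patch does not show those values, so whether they are real cannot be told from here; if either was ever a live credential it remains readable in the example file and in history, and should be rotated and replaced with an obvious placeholder. A short comment above the two new entries, for example `# local values, copy from the matching *.example.yml`, would also tell readers why they are ignored.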
diff --git a/nomad/setup-cluster.yml b/nomad/setup-cluster.yml
index a5dab1a..613cc72 100644
--- a/nomad/setup-cluster.yml
+++ b/nomad/setup-cluster.yml
@@ -77,6 +77,13 @@
 # TODO: propogate this through via Consul and Nomad templates rather than Terraform
 value: dev.homelab
+ - name: Write values
+ consul_kv:
+ host: "{{ inventory_hostname }}"
+ key: "{{ item.key }}"
+ value: "{{ item.value }}"
+ loop: "{{ consul_values | default({}) | dict2items }}"
+
 - name: Setup Vault cluster
 hosts: vault_instances
diff --git a/nomad/vault_hashi_vault_values.yml b/nomad/vault_hashi_vault_values.example.yml
similarity index 100%
rename from nomad/vault_hashi_vault_values.yml
rename to nomad/vault_hashi_vault_values.example.yml
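Review bot: The new `Write values` task in `nomad/setup-cluster.yml` calls `consul_kv` with only `host`, `key` and `value`, so it runs on the module's default `scheme` and depends on the agent accepting KV writes without a `token`. Whether ACLs are enabled on this cluster is not visible in the hunk, but if they are, the task needs a `token:` argument fed from a variable that is not committed. Since `consul_values.yml` is gitignored as local data, the loop should also avoid echoing every value into the Ansible output: add `loop_control:` with `label: "{{ item.key }}"`, or `no_log: true` if the values may ever hold credentials. The enclosing play starts above the hunk, so it is not clear from here how `consul_values` is loaded or whether the task runs once or on every host.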