iamthefij/orchestration-tests
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update bootstrap for acls

Browse Source
This commit is contained in:
IamTheFij 2022-03-21 20:13:13 -07:00
parent 3ce91f2d0b
commit 970a9f740e
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
nomad/setup-cluster.yml
View File

@ -84,7 +84,7 @@
- "-address=http://127.0.0.1:8200/" - "-address=http://127.0.0.1:8200/"
- "{{ item }}" - "{{ item }}"
loop: "{{ vault_keys }}" loop: "{{ vault_keys }}"
# no_log: true no_log: true
when: vault_keys is defined when: vault_keys is defined
# Not on Ubuntu 20.04 # Not on Ubuntu 20.04
@ -158,13 +158,13 @@
nomad_bind_address: 0.0.0.0 nomad_bind_address: 0.0.0.0
# Default interface for binding tasks # Default interface for binding tasks
nomad_network_interface: lo # nomad_network_interface: lo
# Create networks for binding task ports # Create networks for binding task ports
nomad_host_networks: nomad_host_networks:
- name: public # - name: public
interface: eth0 # interface: eth0
reserved_ports: "22" # reserved_ports: "22"
- name: nomad-bridge - name: nomad-bridge
interface: nomad interface: nomad
reserved_ports: "22" reserved_ports: "22"
@ -172,8 +172,12 @@
interface: lo interface: lo
reserved_ports: "22" reserved_ports: "22"
# Enable ACLs
nomad_acl_enabled: true
# Enable vault integration # Enable vault integration
# nomad_vault_enabled: true nomad_vault_enabled: "{{ vault_token is defined }}"
nomad_vault_token: "{{ vault_token | default('') }}"
nomad_config_custom: nomad_config_custom:
ui: ui:
@ -183,7 +187,7 @@
vault: vault:
ui_url: "http://{{ ansible_hostname }}:8200/ui" ui_url: "http://{{ ansible_hostname }}:8200/ui"
consul: consul:
tag: tags:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.consulcatalog.connect=true" - "traefik.consulcatalog.connect=true"
- "traefik.http.routers.nomadclient.entrypoints=websecure" - "traefik.http.routers.nomadclient.entrypoints=websecure"