Update bootstrap for acls

This commit is contained in:
IamTheFij 2022-03-21 20:13:13 -07:00
parent 3ce91f2d0b
commit 970a9f740e

View File

@ -84,7 +84,7 @@
- "-address=http://127.0.0.1:8200/"
- "{{ item }}"
loop: "{{ vault_keys }}"
# no_log: true
no_log: true
when: vault_keys is defined
# Not on Ubuntu 20.04
@ -158,13 +158,13 @@
nomad_bind_address: 0.0.0.0
# Default interface for binding tasks
nomad_network_interface: lo
# nomad_network_interface: lo
# Create networks for binding task ports
nomad_host_networks:
- name: public
interface: eth0
reserved_ports: "22"
# - name: public
# interface: eth0
# reserved_ports: "22"
- name: nomad-bridge
interface: nomad
reserved_ports: "22"
@ -172,8 +172,12 @@
interface: lo
reserved_ports: "22"
# Enable ACLs
nomad_acl_enabled: true
# Enable vault integration
# nomad_vault_enabled: true
nomad_vault_enabled: "{{ vault_token is defined }}"
nomad_vault_token: "{{ vault_token | default('') }}"
nomad_config_custom:
ui:
@ -183,7 +187,7 @@
vault:
ui_url: "http://{{ ansible_hostname }}:8200/ui"
consul:
tag:
tags:
- "traefik.enable=true"
- "traefik.consulcatalog.connect=true"
- "traefik.http.routers.nomadclient.entrypoints=websecure"