From f1316367de9f69a137744ad0e34ba47980c1f4d4 Mon Sep 17 00:00:00 2001
From: Ian Fijolek <ian@iamthefij.com>
Date: Wed, 13 Apr 2022 14:01:14 -0700
Subject: [PATCH] Lint, format, lock

---
 .gitignore                                    |  1 -
 .pre-commit-config.yaml                       | 22 +++++++++++
 README.md                                     |  1 -
 k8s-test/core/main.tf                         |  8 ++--
 k8s-test/core/providers.tf                    |  9 ++---
 .../services/authentik/.terraform.lock.hcl    | 21 ++++++++++
 k8s-test/services/authentik/main.tf           | 14 +++----
 k8s-test/services/blocky/.terraform.lock.hcl  | 21 ++++++++++
 k8s-test/services/blocky/config.yml           |  1 -
 k8s-test/services/blocky/main.tf              | 14 +++----
 k8s-test/services/blocky_config.yml           |  1 -
 k8s-test/services/main.tf                     | 20 +++++-----
 k8s-test/services/providers.tf                |  9 ++---
 .../simple_service/.terraform.lock.hcl        | 21 ++++++++++
 k8s-test/services/simple_service/main.tf      | 10 ++---
 .../traefik_ingress/.terraform.lock.hcl       | 21 ++++++++++
 k8s-test/services/traefik_ingress/main.tf     | 16 ++++----
 nomad/.gitignore                              |  1 +
 nomad/Makefile                                |  1 -
 nomad/acls/.terraform.lock.hcl                | 38 +++++++++++++++++++
 nomad/acls/nomad_vault.tf                     | 16 ++++----
 nomad/ansible_hosts.yml                       |  4 +-
 nomad/blocky/.terraform.lock.hcl              | 20 ++++++++++
 nomad/blocky/blocky.tf                        |  4 +-
 nomad/media/.terraform.lock.hcl               | 20 ++++++++++
 nomad/media/caddy.nomad                       |  4 +-
 nomad/metrics/.terraform.lock.hcl             | 18 +++++++++
 nomad/metrics/exporters.nomad                 |  5 +--
 nomad/metrics/metrics.tf                      |  2 +-
 nomad/metrics/prometheus.nomad                |  2 +-
 nomad/mysql/.terraform.lock.hcl               | 38 +++++++++++++++++++
 nomad/nextcloud/.terraform.lock.hcl           | 20 ++++++++++
 nomad/nextcloud/nextcloud.nomad               |  8 ++--
 nomad/providers.tf                            | 12 +++---
 nomad/redis/.terraform.lock.hcl               | 38 +++++++++++++++++++
 nomad/services.tf                             |  4 +-
 nomad/traefik/.terraform.lock.hcl             | 38 +++++++++++++++++++
 nomad/traefik/traefik.tf                      |  9 ++---
 nomad/vars.tf                                 | 14 +++----
 39 files changed, 427 insertions(+), 99 deletions(-)
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 k8s-test/services/authentik/.terraform.lock.hcl
 create mode 100644 k8s-test/services/blocky/.terraform.lock.hcl
 create mode 100644 k8s-test/services/simple_service/.terraform.lock.hcl
 create mode 100644 k8s-test/services/traefik_ingress/.terraform.lock.hcl
 create mode 100644 nomad/acls/.terraform.lock.hcl
 create mode 100644 nomad/blocky/.terraform.lock.hcl
 create mode 100644 nomad/media/.terraform.lock.hcl
 create mode 100644 nomad/mysql/.terraform.lock.hcl
 create mode 100644 nomad/nextcloud/.terraform.lock.hcl
 create mode 100644 nomad/redis/.terraform.lock.hcl
 create mode 100644 nomad/traefik/.terraform.lock.hcl

diff --git a/.gitignore b/.gitignore
index c6bdac9..4c8ff99 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,4 +37,3 @@ terraform.rc
 
 # ---> Ansible
 *.retry
-
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..c28c806
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,22 @@
+---
+repos:
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.64.1
+    hooks:
+      - id: terraform_fmt
+      - id: terraform_validate
+      - id: terraform_providers_lock
+      # - id: terraform_tflint
+      # - id: terraform_tfsec
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.1.0
+    hooks:
+      - id: check-added-large-files
+      - id: check-merge-conflict
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+  # - repo: https://github.com/Yelp/detect-secrets
+  #   rev: v1.0.3
+  #   hooks:
+  #     - id: detect-secrets
+  #       args: ['--baseline', '.secrets-baseline']
diff --git a/README.md b/README.md
index df9b739..5c00c9a 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1 @@
 # orchestration-tests
-
diff --git a/k8s-test/core/main.tf b/k8s-test/core/main.tf
index aaf4f87..779fba2 100644
--- a/k8s-test/core/main.tf
+++ b/k8s-test/core/main.tf
@@ -1,15 +1,15 @@
 resource "helm_release" "traefik" {
-  name = "traefik"
+  name       = "traefik"
   repository = "https://helm.traefik.io/traefik"
-  chart = "traefik"
+  chart      = "traefik"
 
   set {
-    name = "ingressClass.enabled"
+    name  = "ingressClass.enabled"
     value = true
   }
 
   set {
-    name = "ingressClass.isDefaultClass"
+    name  = "ingressClass.isDefaultClass"
     value = true
   }
 }
diff --git a/k8s-test/core/providers.tf b/k8s-test/core/providers.tf
index 051ddc5..c3c2445 100644
--- a/k8s-test/core/providers.tf
+++ b/k8s-test/core/providers.tf
@@ -1,22 +1,21 @@
 variable "kube_config_path" {
-  type = string
+  type    = string
   default = "~/.kube/config"
 }
 
 variable "kube_config_context" {
-  type = string
+  type    = string
   default = "colima"
 }
 
 provider "kubernetes" {
-  config_path = var.kube_config_path
+  config_path    = var.kube_config_path
   config_context = var.kube_config_context
 }
 
 provider "helm" {
   kubernetes {
-    config_path = var.kube_config_path
+    config_path    = var.kube_config_path
     config_context = var.kube_config_context
   }
 }
-
diff --git a/k8s-test/services/authentik/.terraform.lock.hcl b/k8s-test/services/authentik/.terraform.lock.hcl
new file mode 100644
index 0000000..d578143
--- /dev/null
+++ b/k8s-test/services/authentik/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/helm" {
+  version = "2.5.0"
+  hashes = [
+    "h1:cJl2bkAv9vrM8uV/BLdYnOoiTB6BeOPDJ9NBcqbmPd0=",
+    "zh:16b4dfcaf5bdef9fc10926cef8c9992a1bf3de1c99fb679923421e3b5a9d4307",
+    "zh:1e1456943bea1c9f5b1671d55796c65fbe8ac0980c3a79e4fdcaf5fa320e4c8f",
+    "zh:302b57485a8fe540dd55e2306680e51db54a83a630830f9a106c1ac38c1f6a91",
+    "zh:5ea2eafa735f7cd696e8f118271aedab68a46eb1f6f7f00126338fa302a0cc0b",
+    "zh:66bf1709bb20b24bd26b476081207e69500d1a6bc50829b9033a785050d3a8bd",
+    "zh:7166a85433037029caf04246ccff3d455e3a58868a58c29611e3b275e272299a",
+    "zh:809ddc3759c27ca76e5be8cfab45cecea04d0ae49172bbe326e7740bfbcd5aeb",
+    "zh:9335805d3eed0789c1718fd55d91ffe24681536302d1cd2d07ccf649828406bd",
+    "zh:d7c069fe721bc49a3a19f7c54c7498f492322891a7ce7b9adc6b57edae694933",
+    "zh:d9f5514ecf0cf811716b478c677526e18ac2d2cb5f6bec884096e970b2865798",
+    "zh:e899083259416874d75b58813446d0aa045efd9047d324b10810490dd72faa24",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
diff --git a/k8s-test/services/authentik/main.tf b/k8s-test/services/authentik/main.tf
index 3e413d8..6cb133d 100644
--- a/k8s-test/services/authentik/main.tf
+++ b/k8s-test/services/authentik/main.tf
@@ -1,22 +1,22 @@
 locals {
   authentik_chart_values = {
-    "ingress.enabled" = true,
-    "ingress.hosts[0].host" = "authentik.dev.homelab"
-    "ingress.hosts[0].paths[0].path" = "/"
+    "ingress.enabled"                    = true,
+    "ingress.hosts[0].host"              = "authentik.dev.homelab"
+    "ingress.hosts[0].paths[0].path"     = "/"
     "ingress.hosts[0].paths[0].pathType" = "Prefix"
   }
 }
 
 resource "helm_release" "authentik" {
-  name = "authentik"
+  name       = "authentik"
   repository = "https://charts.goauthentik.io/"
-  chart = "authentik"
-  version = "5.2.2"
+  chart      = "authentik"
+  version    = "5.2.2"
 
   dynamic "set" {
     for_each = local.authentik_chart_values
     content {
-      name = set.key
+      name  = set.key
       value = set.value
     }
   }
diff --git a/k8s-test/services/blocky/.terraform.lock.hcl b/k8s-test/services/blocky/.terraform.lock.hcl
new file mode 100644
index 0000000..d578143
--- /dev/null
+++ b/k8s-test/services/blocky/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/helm" {
+  version = "2.5.0"
+  hashes = [
+    "h1:cJl2bkAv9vrM8uV/BLdYnOoiTB6BeOPDJ9NBcqbmPd0=",
+    "zh:16b4dfcaf5bdef9fc10926cef8c9992a1bf3de1c99fb679923421e3b5a9d4307",
+    "zh:1e1456943bea1c9f5b1671d55796c65fbe8ac0980c3a79e4fdcaf5fa320e4c8f",
+    "zh:302b57485a8fe540dd55e2306680e51db54a83a630830f9a106c1ac38c1f6a91",
+    "zh:5ea2eafa735f7cd696e8f118271aedab68a46eb1f6f7f00126338fa302a0cc0b",
+    "zh:66bf1709bb20b24bd26b476081207e69500d1a6bc50829b9033a785050d3a8bd",
+    "zh:7166a85433037029caf04246ccff3d455e3a58868a58c29611e3b275e272299a",
+    "zh:809ddc3759c27ca76e5be8cfab45cecea04d0ae49172bbe326e7740bfbcd5aeb",
+    "zh:9335805d3eed0789c1718fd55d91ffe24681536302d1cd2d07ccf649828406bd",
+    "zh:d7c069fe721bc49a3a19f7c54c7498f492322891a7ce7b9adc6b57edae694933",
+    "zh:d9f5514ecf0cf811716b478c677526e18ac2d2cb5f6bec884096e970b2865798",
+    "zh:e899083259416874d75b58813446d0aa045efd9047d324b10810490dd72faa24",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
diff --git a/k8s-test/services/blocky/config.yml b/k8s-test/services/blocky/config.yml
index 6f6c4a5..846ef1f 100644
--- a/k8s-test/services/blocky/config.yml
+++ b/k8s-test/services/blocky/config.yml
@@ -18,4 +18,3 @@ customDNS:
 
 port: 53
 httpPort: 4000
-
diff --git a/k8s-test/services/blocky/main.tf b/k8s-test/services/blocky/main.tf
index 8ad0032..d713bb8 100644
--- a/k8s-test/services/blocky/main.tf
+++ b/k8s-test/services/blocky/main.tf
@@ -1,25 +1,25 @@
 locals {
-  blocky_config = file("${path.module}/blocky_config.yml")
+  blocky_config = file("${path.module}/config.yml")
 }
 
 resource "helm_release" "blocky" {
-  name = "blocky"
+  name       = "blocky"
   repository = "https://k8s-at-home.com/charts/"
-  chart = "blocky"
+  chart      = "blocky"
 
 
   set {
-    name = "env.TZ"
+    name  = "env.TZ"
     value = "America/Los_Angeles"
   }
 
   set {
-    name = "metrics.enabled"
+    name  = "metrics.enabled"
     value = true
   }
 
   set {
-    name = "config"
-    value = "${local.blocky_config}"
+    name  = "config"
+    value = local.blocky_config
   }
 }
diff --git a/k8s-test/services/blocky_config.yml b/k8s-test/services/blocky_config.yml
index 6f6c4a5..846ef1f 100644
--- a/k8s-test/services/blocky_config.yml
+++ b/k8s-test/services/blocky_config.yml
@@ -18,4 +18,3 @@ customDNS:
 
 port: 53
 httpPort: 4000
-
diff --git a/k8s-test/services/main.tf b/k8s-test/services/main.tf
index 84dd0d9..750fbc3 100644
--- a/k8s-test/services/main.tf
+++ b/k8s-test/services/main.tf
@@ -1,17 +1,17 @@
 resource "kubernetes_manifest" "traefik_dashboard" {
   manifest = {
     apiVersion = "traefik.containo.us/v1alpha1"
-    kind = "IngressRoute"
+    kind       = "IngressRoute"
     metadata = {
-      name = "public-traefik-dashboard"
+      name      = "public-traefik-dashboard"
       namespace = "default"
     }
     spec = {
-      entryPoints = [ "web" ]
+      entryPoints = ["web"]
       routes = [
         {
           match = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
-          kind = "Rule"
+          kind  = "Rule"
           services = [
             {
               name = "api@internal"
@@ -27,30 +27,30 @@ resource "kubernetes_manifest" "traefik_dashboard" {
 module "whoami" {
   source = "./simple_service"
 
-  name = "whoami"
-  image = "containous/whoami:latest"
+  name         = "whoami"
+  image        = "containous/whoami:latest"
   expose_ports = [80]
 }
 
 module "whoami-ingress" {
   source = "./traefik_ingress"
 
-  app_name = "whoami"
+  app_name    = "whoami"
   match_route = "PathPrefix(`/whoami`)"
 }
 
 module "whoami2" {
   source = "./simple_service"
 
-  name = "whoami2"
-  image = "containous/whoami:latest"
+  name         = "whoami2"
+  image        = "containous/whoami:latest"
   expose_ports = [80]
 }
 
 module "whoami2-ingress" {
   source = "./traefik_ingress"
 
-  app_name = "whoami2"
+  app_name    = "whoami2"
   match_route = "PathPrefix(`/whoami2`)"
 }
 
diff --git a/k8s-test/services/providers.tf b/k8s-test/services/providers.tf
index 051ddc5..c3c2445 100644
--- a/k8s-test/services/providers.tf
+++ b/k8s-test/services/providers.tf
@@ -1,22 +1,21 @@
 variable "kube_config_path" {
-  type = string
+  type    = string
   default = "~/.kube/config"
 }
 
 variable "kube_config_context" {
-  type = string
+  type    = string
   default = "colima"
 }
 
 provider "kubernetes" {
-  config_path = var.kube_config_path
+  config_path    = var.kube_config_path
   config_context = var.kube_config_context
 }
 
 provider "helm" {
   kubernetes {
-    config_path = var.kube_config_path
+    config_path    = var.kube_config_path
     config_context = var.kube_config_context
   }
 }
-
diff --git a/k8s-test/services/simple_service/.terraform.lock.hcl b/k8s-test/services/simple_service/.terraform.lock.hcl
new file mode 100644
index 0000000..c34776f
--- /dev/null
+++ b/k8s-test/services/simple_service/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+  version = "2.9.0"
+  hashes = [
+    "h1:mKX1pJCT8LbRpTVfoOif+ooWq2Sm2UJ7Fpsh8QQxlnk=",
+    "zh:114113e9cd0489d2db8374f3352cc9b29667a42462f922eb9c891c6daf1c38fa",
+    "zh:31dcf16083142f2978fc933cead038e671798053fb1fd3c18a2331afb7abe264",
+    "zh:44743af5da8cfb9937b0831fdfbadd949a106440420f5f7373734181121f1b98",
+    "zh:63eeacd73e71bcdeb796abde45dac56331ccb5ee39d97138a4a4ae755ef314a7",
+    "zh:645ae4f95508a6a878a21fc8031a09b7c1f95fb87b7d97dfce38d572d4bd5c5c",
+    "zh:782f0dd9fda68406f1783d3b4f25c4077dd4a6a87efe7dcaae68038c2dd57e33",
+    "zh:87dd58eacd557106c9d77fca4211e2c5fa3416c56c8dccad2b30f8d627ffe413",
+    "zh:b61582b7bfdb19d9155b535fe54b2ce5425934e8f5f65389e3cfe75577be4f07",
+    "zh:bf97f54f94d99461a1fc8199ece3300e59b896d6aeaea8395beb4d544557b1cc",
+    "zh:c536669089d75a9ea2582feae0204bd5989622168d99cd71822067be40223105",
+    "zh:e596310a343780d4ef7ad08e05bdbcb91dc41a11ed08b58ad7590903d9d9982f",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
diff --git a/k8s-test/services/simple_service/main.tf b/k8s-test/services/simple_service/main.tf
index d195b6c..22638f4 100644
--- a/k8s-test/services/simple_service/main.tf
+++ b/k8s-test/services/simple_service/main.tf
@@ -7,18 +7,18 @@ variable "image" {
 }
 
 variable "replicas" {
-  type = number
+  type    = number
   default = 1
 }
 
 variable "expose_ports" {
-  type = list(number)
+  type    = list(number)
   default = []
 }
 
 variable "host_ports" {
   type = list(object({
-    host_port = number
+    host_port      = number
     container_port = number
   }))
   default = []
@@ -50,7 +50,7 @@ resource "kubernetes_deployment" "simple-service" {
 
       spec {
         container {
-          name = var.name
+          name  = var.name
           image = var.image
 
           dynamic "port" {
@@ -63,7 +63,7 @@ resource "kubernetes_deployment" "simple-service" {
           dynamic "port" {
             for_each = toset(var.host_ports)
             content {
-              host_port = port.key.host_port
+              host_port      = port.key.host_port
               container_port = port.key.container_port
             }
           }
diff --git a/k8s-test/services/traefik_ingress/.terraform.lock.hcl b/k8s-test/services/traefik_ingress/.terraform.lock.hcl
new file mode 100644
index 0000000..c34776f
--- /dev/null
+++ b/k8s-test/services/traefik_ingress/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+  version = "2.9.0"
+  hashes = [
+    "h1:mKX1pJCT8LbRpTVfoOif+ooWq2Sm2UJ7Fpsh8QQxlnk=",
+    "zh:114113e9cd0489d2db8374f3352cc9b29667a42462f922eb9c891c6daf1c38fa",
+    "zh:31dcf16083142f2978fc933cead038e671798053fb1fd3c18a2331afb7abe264",
+    "zh:44743af5da8cfb9937b0831fdfbadd949a106440420f5f7373734181121f1b98",
+    "zh:63eeacd73e71bcdeb796abde45dac56331ccb5ee39d97138a4a4ae755ef314a7",
+    "zh:645ae4f95508a6a878a21fc8031a09b7c1f95fb87b7d97dfce38d572d4bd5c5c",
+    "zh:782f0dd9fda68406f1783d3b4f25c4077dd4a6a87efe7dcaae68038c2dd57e33",
+    "zh:87dd58eacd557106c9d77fca4211e2c5fa3416c56c8dccad2b30f8d627ffe413",
+    "zh:b61582b7bfdb19d9155b535fe54b2ce5425934e8f5f65389e3cfe75577be4f07",
+    "zh:bf97f54f94d99461a1fc8199ece3300e59b896d6aeaea8395beb4d544557b1cc",
+    "zh:c536669089d75a9ea2582feae0204bd5989622168d99cd71822067be40223105",
+    "zh:e596310a343780d4ef7ad08e05bdbcb91dc41a11ed08b58ad7590903d9d9982f",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
diff --git a/k8s-test/services/traefik_ingress/main.tf b/k8s-test/services/traefik_ingress/main.tf
index e901751..74274df 100644
--- a/k8s-test/services/traefik_ingress/main.tf
+++ b/k8s-test/services/traefik_ingress/main.tf
@@ -7,12 +7,12 @@ variable "match_route" {
 }
 
 variable "app_port" {
-  type = number
+  type    = number
   default = 80
 }
 
 variable "app_port_name" {
-  type = string
+  type    = string
   default = "http"
 }
 
@@ -25,12 +25,12 @@ variable "entrypoints" {
 }
 
 variable "namespace" {
-  type = string
+  type    = string
   default = "default"
 }
 
 locals {
-  service_name =  "${var.app_name}-service"
+  service_name = "${var.app_name}-service"
   ingress_name = "${var.app_name}-ingress"
 }
 
@@ -42,7 +42,7 @@ resource "kubernetes_service" "traefik-ingress-service" {
     selector = {
       app = var.app_name
     }
-    
+
     port {
       name = var.app_port_name
       port = var.app_port
@@ -53,9 +53,9 @@ resource "kubernetes_service" "traefik-ingress-service" {
 resource "kubernetes_manifest" "traefik-ingress-route" {
   manifest = {
     apiVersion = "traefik.containo.us/v1alpha1"
-    kind = "IngressRoute"
+    kind       = "IngressRoute"
     metadata = {
-      name = local.ingress_name
+      name      = local.ingress_name
       namespace = var.namespace
     }
     spec = {
@@ -63,7 +63,7 @@ resource "kubernetes_manifest" "traefik-ingress-route" {
       routes = [
         {
           match = var.match_route
-          kind = "Rule"
+          kind  = "Rule"
           services = [
             {
               kind = "Service"
diff --git a/nomad/.gitignore b/nomad/.gitignore
index 74e2eb5..767f996 100644
--- a/nomad/.gitignore
+++ b/nomad/.gitignore
@@ -2,3 +2,4 @@ roles/
 venv/
 vault-keys.json
 nomad_bootstrap.json
+ca/
diff --git a/nomad/Makefile b/nomad/Makefile
index d10cdc8..4f05470 100644
--- a/nomad/Makefile
+++ b/nomad/Makefile
@@ -77,4 +77,3 @@ apply:
 # curl -L -o cni-plugins.tgz "https://github.com/containernetworking/plugins/releases/download/v1.0.0/cni-plugins-linux-$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)"-v1.0.0.tgz
 # sudo mkdir -p /opt/cni/bin
 # sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
-
diff --git a/nomad/acls/.terraform.lock.hcl b/nomad/acls/.terraform.lock.hcl
new file mode 100644
index 0000000..e640ec8
--- /dev/null
+++ b/nomad/acls/.terraform.lock.hcl
@@ -0,0 +1,38 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/vault" {
+  version = "3.4.1"
+  hashes = [
+    "h1:oow6cAwKiFpJBBWKsDqNmwZIrFTWWvoeIbqs+vyUDE0=",
+    "zh:1eb8370a1846e34e2bcc4d11eece5733735784a8eab447bbed3cfd822101b577",
+    "zh:2df3989327cea68b2167514b7ebddc67b09340f00bbf3fa85df03c97adfb9d25",
+    "zh:3dd1e317264f574985e856296deef71a76464918bf0566eb0d7f6389ea0586bd",
+    "zh:9750861f2822482aa608ea5a52b385bc42b2e1f2511094e6a975412618c4495d",
+    "zh:9b940e7f78975d29a4d0a116cf43c0bc1cb03bec4ad8d34887d64e6e60bacb9e",
+    "zh:9cb6e7ad2a62529d35dacd20695d49c2f02230cb785d46178cc10f4ec80e5a51",
+    "zh:a12718689bbcb37bcbb9132c18bffd354fad8ab5c8cb89cec1a0ee85c65b8cb7",
+    "zh:a6e38afacca1af4fab04a9f2dc49b8295eb462db68bdc7451352d0f950f804f8",
+    "zh:d6e0e994d51b9e07d5713d4796381f9e129e9de962e79caae2b7055f6f68297e",
+    "zh:ea4bbef7a1bb2553db473fa304c93845674167b61e8c9677107a96c8c696da12",
+    "zh:f985a8b7f4ef7d1eba9cef7d99997ee9c4a54ffe76dab7fa8b1fdec2a9edca7e",
+  ]
+}
diff --git a/nomad/acls/nomad_vault.tf b/nomad/acls/nomad_vault.tf
index 28ba3c6..f2cfdef 100644
--- a/nomad/acls/nomad_vault.tf
+++ b/nomad/acls/nomad_vault.tf
@@ -4,25 +4,25 @@ resource "nomad_acl_token" "vault" {
 }
 
 resource "vault_nomad_secret_backend" "config" {
-    backend = "nomad"
-    description = "Nomad ACL"
-    token = nomad_acl_token.vault.secret_id
+  backend     = "nomad"
+  description = "Nomad ACL"
+  token       = nomad_acl_token.vault.secret_id
 }
 
 resource "vault_nomad_secret_role" "nomad-deploy" {
-  backend = vault_nomad_secret_backend.config.backend
-  role = "nomad-deploy"
+  backend  = vault_nomad_secret_backend.config.backend
+  role     = "nomad-deploy"
   policies = ["nomad-deploy"]
 }
 
 resource "vault_nomad_secret_role" "admin" {
   backend = vault_nomad_secret_backend.config.backend
-  role = "admin-management"
-  type = "management"
+  role    = "admin-management"
+  type    = "management"
 }
 
 resource "vault_policy" "nomad-deploy" {
-  name = "nomad-deploy"
+  name   = "nomad-deploy"
   policy = <<EOH
 path "nomad/creds/nomad-deploy" {
   capabilities = ["read"]
diff --git a/nomad/ansible_hosts.yml b/nomad/ansible_hosts.yml
index b66b790..0d5745a 100644
--- a/nomad/ansible_hosts.yml
+++ b/nomad/ansible_hosts.yml
@@ -42,10 +42,10 @@ all:
 
     consul_instances:
       children:
-        servers: {}
+        # servers: {}
     nomad_instances:
       children:
         servers: {}
     vault_instances:
       children:
-        servers: {}
+        # servers: {}
diff --git a/nomad/blocky/.terraform.lock.hcl b/nomad/blocky/.terraform.lock.hcl
new file mode 100644
index 0000000..4a078a2
--- /dev/null
+++ b/nomad/blocky/.terraform.lock.hcl
@@ -0,0 +1,20 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/blocky/blocky.tf b/nomad/blocky/blocky.tf
index cd578bc..9d1246f 100644
--- a/nomad/blocky/blocky.tf
+++ b/nomad/blocky/blocky.tf
@@ -1,7 +1,7 @@
 variable "base_hostname" {
-  type = string
+  type        = string
   description = "Base hostname to serve content from"
-  default = "dev.homelab"
+  default     = "dev.homelab"
 }
 
 locals {
diff --git a/nomad/media/.terraform.lock.hcl b/nomad/media/.terraform.lock.hcl
new file mode 100644
index 0000000..4a078a2
--- /dev/null
+++ b/nomad/media/.terraform.lock.hcl
@@ -0,0 +1,20 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/media/caddy.nomad b/nomad/media/caddy.nomad
index 48c0b15..019108d 100644
--- a/nomad/media/caddy.nomad
+++ b/nomad/media/caddy.nomad
@@ -43,7 +43,7 @@ job "multimedia" {
         "traefik.http.routers.library.entryPoints=websecure",
       ]
     }
-    
+
     task "main" {
       driver = "docker"
 
@@ -52,7 +52,7 @@ job "multimedia" {
         destination = "/mnt/media"
         read_only = true
       }
-      
+
       config {
         image = "caddy"
         args = [
diff --git a/nomad/metrics/.terraform.lock.hcl b/nomad/metrics/.terraform.lock.hcl
index 4a078a2..027dbaa 100644
--- a/nomad/metrics/.terraform.lock.hcl
+++ b/nomad/metrics/.terraform.lock.hcl
@@ -1,6 +1,24 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 
+provider "registry.terraform.io/hashicorp/consul" {
+  version = "2.15.0"
+  hashes = [
+    "h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
+    "zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
+    "zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
+    "zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
+    "zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
+    "zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
+    "zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
+    "zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
+    "zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
+    "zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
+    "zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
+    "zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
+  ]
+}
+
 provider "registry.terraform.io/hashicorp/nomad" {
   version = "1.4.16"
   hashes = [
diff --git a/nomad/metrics/exporters.nomad b/nomad/metrics/exporters.nomad
index bf76cf8..00fb2ba 100644
--- a/nomad/metrics/exporters.nomad
+++ b/nomad/metrics/exporters.nomad
@@ -90,7 +90,7 @@ job "metrics" {
 
     task "cadvisor" {
       driver = "docker"
-      
+
       config {
         # image = "iamthefij/cadvisor:0.37.5"
         image = "gcr.io/cadvisor/cadvisor:v0.39.3"
@@ -200,7 +200,7 @@ job "metrics" {
 
     task "node_exporter" {
       driver = "docker"
-      
+
       config {
         image = "prom/node-exporter:v1.0.1"
         args = ["--path.rootfs", "/host"]
@@ -222,4 +222,3 @@ job "metrics" {
     }
   }
 }
-
diff --git a/nomad/metrics/metrics.tf b/nomad/metrics/metrics.tf
index d12a3cd..6aab04c 100644
--- a/nomad/metrics/metrics.tf
+++ b/nomad/metrics/metrics.tf
@@ -1,5 +1,5 @@
 variable "consul_address" {
-  type    = string
+  type        = string
   description = "address of consul server for dynamic scraping"
 }
 
diff --git a/nomad/metrics/prometheus.nomad b/nomad/metrics/prometheus.nomad
index 29fc23c..1bd2dde 100644
--- a/nomad/metrics/prometheus.nomad
+++ b/nomad/metrics/prometheus.nomad
@@ -127,7 +127,7 @@ scrape_configs:
       - source_labels: [__meta_consul_address]
         replacement: $1:8500
         target_label: __address__
-        
+
   - job_name: "exporters"
     metrics_path: "/metrics"
     consul_sd_configs:
diff --git a/nomad/mysql/.terraform.lock.hcl b/nomad/mysql/.terraform.lock.hcl
new file mode 100644
index 0000000..027dbaa
--- /dev/null
+++ b/nomad/mysql/.terraform.lock.hcl
@@ -0,0 +1,38 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/consul" {
+  version = "2.15.0"
+  hashes = [
+    "h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
+    "zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
+    "zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
+    "zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
+    "zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
+    "zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
+    "zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
+    "zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
+    "zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
+    "zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
+    "zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
+    "zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/nextcloud/.terraform.lock.hcl b/nomad/nextcloud/.terraform.lock.hcl
new file mode 100644
index 0000000..4a078a2
--- /dev/null
+++ b/nomad/nextcloud/.terraform.lock.hcl
@@ -0,0 +1,20 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/nextcloud/nextcloud.nomad b/nomad/nextcloud/nextcloud.nomad
index 95b1827..1b75b76 100644
--- a/nomad/nextcloud/nextcloud.nomad
+++ b/nomad/nextcloud/nextcloud.nomad
@@ -67,14 +67,14 @@ job "nextcloud" {
         "traefik.http.routers.nextcloud.entryPoints=websecure",
       ]
     }
-    
+
     task "nextcloud-bootstrap" {
       driver = "docker"
-      
+
       lifecycle {
         hook = "prestart"
         sidecar = false
-      }  
+      }
 
       config {
         image = "mysql:8"
@@ -111,7 +111,7 @@ job "nextcloud" {
         destination = "/var/www/html"
         read_only = false
       }
-      
+
       config {
         image = "nextcloud"
         ports = ["web"]
diff --git a/nomad/providers.tf b/nomad/providers.tf
index a517497..f454d1c 100644
--- a/nomad/providers.tf
+++ b/nomad/providers.tf
@@ -11,28 +11,28 @@ data "consul_service" "nomad" {
 # Get Vault client from Consul
 data "consul_service" "vault" {
   name = "vault"
-  tag = "active"
+  tag  = "active"
 }
 
 locals {
   # Get Nomad address from Consul
-  nomad_node = data.consul_service.nomad.service[0]
+  nomad_node         = data.consul_service.nomad.service[0]
   nomad_node_address = "http://${local.nomad_node.node_address}:${local.nomad_node.port}"
 
   # Get Vault address from Consul
-  vault_node = data.consul_service.vault.service[0]
+  vault_node         = data.consul_service.vault.service[0]
   vault_node_address = "http://${local.vault_node.node_address}:${local.vault_node.port}"
 }
 
 # Configure the Nomad provider
 provider "nomad" {
-  address = local.nomad_node_address
+  address   = local.nomad_node_address
   secret_id = var.nomad_secret_id
-  region  = "global"
+  region    = "global"
 }
 
 # Configure the Vault provider
 provider "vault" {
   address = local.vault_node_address
-  token = var.vault_token
+  token   = var.vault_token
 }
diff --git a/nomad/redis/.terraform.lock.hcl b/nomad/redis/.terraform.lock.hcl
new file mode 100644
index 0000000..027dbaa
--- /dev/null
+++ b/nomad/redis/.terraform.lock.hcl
@@ -0,0 +1,38 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/consul" {
+  version = "2.15.0"
+  hashes = [
+    "h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
+    "zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
+    "zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
+    "zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
+    "zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
+    "zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
+    "zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
+    "zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
+    "zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
+    "zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
+    "zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
+    "zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/services.tf b/nomad/services.tf
index 1e932a9..6704249 100644
--- a/nomad/services.tf
+++ b/nomad/services.tf
@@ -10,14 +10,14 @@ module "blocky" {
   source = "./blocky"
 
   base_hostname = var.base_hostname
-  depends_on = [module.mysql-server, module.redis]
+  depends_on    = [module.mysql-server, module.redis]
 }
 
 module "traefik" {
   source = "./traefik"
 
   consul_address = var.consul_address
-  base_hostname = var.base_hostname
+  base_hostname  = var.base_hostname
 }
 
 module "metrics" {
diff --git a/nomad/traefik/.terraform.lock.hcl b/nomad/traefik/.terraform.lock.hcl
new file mode 100644
index 0000000..027dbaa
--- /dev/null
+++ b/nomad/traefik/.terraform.lock.hcl
@@ -0,0 +1,38 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/consul" {
+  version = "2.15.0"
+  hashes = [
+    "h1:o+Su3YqeOkHgf86GEArIVDZfaZQphYFjAOwpi/b0bzs=",
+    "zh:0bd2a9873099d89bd52e9eee623dd20ccb275d1e2f750da229a53a4d5b23450c",
+    "zh:1c9f87d4d97b2c61d006c0bef159d61d2a661a103025f8276ebbeb000129f931",
+    "zh:25b73a34115255c464be10a53f2510c4a1db958a71be31974d30654d5472e624",
+    "zh:32fa31329731db2bf4b7d0f09096416ca146f05b58f4482bbd4ee0f28cefbbcc",
+    "zh:59136b73d3abe7cc5b06d9e12d123ad21298ca86ed49a4060a3cd7c2a28a74a1",
+    "zh:a191f3210773ca25c543a92f2d392b85e6a053d596293655b1f25b33eb843b4c",
+    "zh:b8b6033cf0687eadc1099f11d9fb2ca9429ff40c2d85bd6cb047c0f6bc5d5d8d",
+    "zh:bb7d67ed28aa9b28fc5154161af003383f940b2beda0d4577857cad700f39cd1",
+    "zh:be615288f59327b975532a1999deab60a022e6819fe80e5a32526155210ecbba",
+    "zh:de1e3d5c34eef87eb301e74717754babb6dc8e19e3a964919e1165c5a076a719",
+    "zh:eb8c61b20d8ce2bfff9f735ca8456a0d6368af13aa1f43866f61c70f88cc491c",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/nomad" {
+  version = "1.4.16"
+  hashes = [
+    "h1:tyfjD/maKzb0RxxD9KWgLnkJu9lnYziYsQgGw85Giz8=",
+    "zh:0d4fbb7030d9caac3b123e60afa44f50c83cc2a983e1866aec7f30414abe7b0e",
+    "zh:0db080228e07c72d6d8ca8c45249d6f97cd0189fce82a77abbdcd49a52e57572",
+    "zh:0df88393271078533a217654b96f0672c60eb59570d72e6aefcb839eea87a7a0",
+    "zh:2883b335bb6044b0db6a00e602d6926c047c7f330294a73a90d089f98b24d084",
+    "zh:390158d928009a041b3a182bdd82376b50530805ae92be2b84ed7c3b0fa902a0",
+    "zh:7169b8f8df4b8e9659c49043848fd5f7f8473d0471f67815e8b04980f827f5ef",
+    "zh:9417ee1383b1edd137024882d7035be4dca51fb4f725ca00ed87729086ec1755",
+    "zh:a22910b5a29eeab5610350700b4899267c1b09b66cf21f7e4d06afc61d425800",
+    "zh:a6185c9cd7aa458cd81861058ba568b6411fbac344373a20155e20256f4a7557",
+    "zh:b6260ca9f034df1b47905b4e2a9c33b67dbf77224a694d5b10fb09ae92ffad4c",
+    "zh:d87c12a6a7768f2b6c2a59495c7dc00f9ecc52b1b868331d4c284f791e278a1e",
+  ]
+}
diff --git a/nomad/traefik/traefik.tf b/nomad/traefik/traefik.tf
index db695d2..3d7b8a8 100644
--- a/nomad/traefik/traefik.tf
+++ b/nomad/traefik/traefik.tf
@@ -1,11 +1,11 @@
 variable "base_hostname" {
-  type = string
+  type        = string
   description = "Base hostname to serve content from"
-  default = "dev.homelab"
+  default     = "dev.homelab"
 }
 
 variable "consul_address" {
-  type = string
+  type        = string
   description = "address of consul server for dynamic routes"
 }
 
@@ -21,10 +21,9 @@ resource "nomad_job" "traefik" {
     vars = {
       # "consul_address" = "${var.consul_address}",
       "consul_address" = "http://${data.consul_nodes.all-nodes.nodes[0].address}:8500",
-      "base_hostname" = "${var.base_hostname}",
+      "base_hostname"  = "${var.base_hostname}",
     }
   }
 
   jobspec = file("${path.module}/traefik.nomad")
 }
-
diff --git a/nomad/vars.tf b/nomad/vars.tf
index 863ba37..77ba124 100644
--- a/nomad/vars.tf
+++ b/nomad/vars.tf
@@ -4,20 +4,20 @@ variable "consul_address" {
 }
 
 variable "base_hostname" {
-  type = string
+  type        = string
   description = "Base hostname to serve content from"
-  default = "dev.homelab"
+  default     = "dev.homelab"
 }
 
 variable "nomad_secret_id" {
-  type = string
+  type        = string
   description = "Secret ID for ACL bootstrapped Nomad"
-  sensitive = true
-  default = ""
+  sensitive   = true
+  default     = ""
 }
 
 variable "vault_token" {
-  type = string
+  type      = string
   sensitive = true
-  default = ""
+  default   = ""
 }