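# Source: github.com/Ilhicas/nomad@v1.0.4-0.20210304152020-e86851182bc3/e2e/terraform/vault.tf
#
# Bootstraps Vault for the e2e cluster from the machine running Terraform,
# reads the resulting files back from keys/, and pushes the Nomad<->Vault
# configuration to every Nomad server over SSH.
#
# NOTE(review): everything read through data.local_file below, and every value
# placed in a null_resource `triggers` map, is persisted in the Terraform
# state. Treat the state file and the keys/ directory as secret material:
# keep both out of version control and restrict who can read them.

# Runs the bootstrap command locally once the server instance and the
# nomad_server module exist. The trigger re-runs the provisioner whenever the
# rendered command line changes (e.g. a new server IP or var.vault flips).
resource "null_resource" "bootstrap_vault" {
  depends_on = [
    aws_instance.server,
    module.nomad_server,
  ]

  triggers = {
    script = data.template_file.bootstrap_vault_script.rendered
  }

  provisioner "local-exec" {
    command = data.template_file.bootstrap_vault_script.rendered
  }
}

# Write the bootstrap token to the keys/ directory (where the ssh key is)
# so that we can read it into the data.local_file later. If var.vault is not
# set, make sure keys/vault_root_token exists but holds no token
# (`echo >` leaves a single newline in it rather than zero bytes).
#
# NOTE(review): Vault is addressed over plain http:// on the first server's
# public IP, so the bootstrap traffic is not protected in transit. The script
# itself is not shown here; presumably it obtains the root token over this
# connection. Confirm port 8200 is reachable only from the operator's address
# (security group) or switch to TLS / a private address.
# NOTE(review): ./scripts/bootstrap-vault.sh is resolved relative to the
# directory Terraform is run from, while the keys use path.root - confirm the
# two always coincide.
data "template_file" "bootstrap_vault_script" {
  # [0] index syntax matches aws_instance.server[count.index] used in the
  # connection block below; the legacy `.0.` form selects the same element.
  template = (
    var.vault
    ? "VAULT_ADDR=http://${aws_instance.server[0].public_ip}:8200 ./scripts/bootstrap-vault.sh"
    : "mkdir -p ${path.root}/keys; echo > ${path.root}/keys/vault_root_token"
  )
}

# Root token file produced by the bootstrap step. Its content ends up in the
# Terraform state (see the note at the top of this file).
data "local_file" "vault_token" {
  depends_on = [null_resource.bootstrap_vault]
  filename   = "${path.root}/keys/vault_root_token"
}

# Nomad's Vault configuration, read after the bootstrap step has run.
# NOTE(review): the var.vault == false branch above does not create
# keys/nomad_vault.hcl; presumably the file already exists in that case -
# verify, otherwise this data source fails.
data "local_file" "nomad_vault_config" {
  depends_on = [null_resource.bootstrap_vault]
  filename   = "${path.root}/keys/nomad_vault.hcl"
}

# Copies nomad_vault.hcl to each of the var.server_count servers, moves it
# into /etc/nomad.d/ and restarts Nomad. Re-runs when the file content changes.
resource "null_resource" "nomad_vault_config" {
  count = var.server_count

  depends_on = [
    aws_instance.server,
    null_resource.bootstrap_vault,
  ]

  # NOTE(review): the full file content is stored in state as a trigger value.
  # If the file carries a Vault token (not visible from here), that token is
  # readable by anyone with access to the state.
  triggers = {
    data = data.local_file.nomad_vault_config.content
  }

  # SSH as the `ubuntu` user to the server's public IP, authenticating with
  # the private key kept next to the Vault files in keys/.
  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = aws_instance.server[count.index].public_ip
    port        = 22
    private_key = file("${path.root}/keys/${local.random_name}.pem")
  }

  # Upload to the login user's home first; /etc/nomad.d needs sudo to write.
  provisioner "file" {
    source      = "${path.root}/keys/nomad_vault.hcl"
    destination = "./nomad_vault.hcl"
  }

  # NOTE(review): `mv` keeps the uploaded file's owner and mode, so the config
  # under /etc/nomad.d stays owned by the upload user with whatever mode the
  # upload produced. If it contains a token, consider restricting owner and
  # mode to the account Nomad runs as - confirm that account first.
  provisioner "remote-exec" {
    inline = [
      "sudo mv ./nomad_vault.hcl /etc/nomad.d/nomad_vault.hcl",
      "sudo systemctl restart nomad",
    ]
  }
}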