github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/e2e/terraform/provision-nomad/main.tf (about)

     1  locals {
     2    upload_dir = "uploads/${var.instance.public_ip}"
     3  
     4    indexed_config_path = fileexists("etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl") ? "etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl" : "etc/nomad.d/index.hcl"
     5  
     6  }
     7  
     8  # if nomad_license is unset, it'll be a harmless empty license file
     9  resource "local_sensitive_file" "nomad_environment" {
    10    content = templatefile("etc/nomad.d/.environment", {
    11      license = var.nomad_license
    12    })
    13    filename        = "${local.upload_dir}/nomad.d/.environment"
    14    file_permission = "0600"
    15  }
    16  
    17  resource "local_sensitive_file" "nomad_base_config" {
    18    content = templatefile("etc/nomad.d/base.hcl", {
    19      data_dir = var.platform != "windows" ? "/opt/nomad/data" : "C://opt/nomad/data"
    20    })
    21    filename        = "${local.upload_dir}/nomad.d/base.hcl"
    22    file_permission = "0600"
    23  }
    24  
    25  resource "local_sensitive_file" "nomad_role_config" {
    26    content         = templatefile("etc/nomad.d/${var.role}-${var.platform}.hcl", {})
    27    filename        = "${local.upload_dir}/nomad.d/${var.role}.hcl"
    28    file_permission = "0600"
    29  }
    30  
    31  resource "local_sensitive_file" "nomad_indexed_config" {
    32    content         = templatefile(local.indexed_config_path, {})
    33    filename        = "${local.upload_dir}/nomad.d/${var.role}-${var.platform}-${var.index}.hcl"
    34    file_permission = "0600"
    35  }
    36  
    37  resource "local_sensitive_file" "nomad_tls_config" {
    38    content         = templatefile("etc/nomad.d/tls.hcl", {})
    39    filename        = "${local.upload_dir}/nomad.d/tls.hcl"
    40    file_permission = "0600"
    41  }
    42  
    43  resource "null_resource" "upload_consul_configs" {
    44  
    45    connection {
    46      type            = "ssh"
    47      user            = var.connection.user
    48      host            = var.instance.public_ip
    49      port            = var.connection.port
    50      private_key     = file(var.connection.private_key)
    51      target_platform = var.arch == "windows_amd64" ? "windows" : "unix"
    52      timeout         = "15m"
    53    }
    54  
    55    provisioner "file" {
    56      source      = "uploads/shared/consul.d/ca.pem"
    57      destination = "/tmp/consul_ca.pem"
    58    }
    59    provisioner "file" {
    60      source      = "uploads/shared/consul.d/consul_client.json"
    61      destination = "/tmp/consul_client.json"
    62    }
    63    provisioner "file" {
    64      source      = "uploads/shared/consul.d/client_acl.json"
    65      destination = "/tmp/consul_client_acl.json"
    66    }
    67    provisioner "file" {
    68      source      = "uploads/shared/consul.d/consul_client_base.json"
    69      destination = "/tmp/consul_client_base.json"
    70    }
    71    provisioner "file" {
    72      source      = "uploads/shared/consul.d/consul.service"
    73      destination = "/tmp/consul.service"
    74    }
    75  }
    76  
    77  resource "null_resource" "upload_nomad_configs" {
    78  
    79    connection {
    80      type            = "ssh"
    81      user            = var.connection.user
    82      host            = var.instance.public_ip
    83      port            = var.connection.port
    84      private_key     = file(var.connection.private_key)
    85      target_platform = var.arch == "windows_amd64" ? "windows" : "unix"
    86      timeout         = "15m"
    87    }
    88  
    89    # created in hcp_consul.tf
    90    provisioner "file" {
    91      source      = "uploads/shared/nomad.d/${var.role}-consul.hcl"
    92      destination = "/tmp/consul.hcl"
    93    }
    94    # created in hcp_vault.tf
    95    provisioner "file" {
    96      source      = "uploads/shared/nomad.d/vault.hcl"
    97      destination = "/tmp/vault.hcl"
    98    }
    99  
   100    provisioner "file" {
   101      source      = local_sensitive_file.nomad_environment.filename
   102      destination = "/tmp/.environment"
   103    }
   104    provisioner "file" {
   105      source      = local_sensitive_file.nomad_base_config.filename
   106      destination = "/tmp/base.hcl"
   107    }
   108    provisioner "file" {
   109      source      = local_sensitive_file.nomad_role_config.filename
   110      destination = "/tmp/${var.role}-${var.platform}.hcl"
   111    }
   112    provisioner "file" {
   113      source      = local_sensitive_file.nomad_indexed_config.filename
   114      destination = "/tmp/${var.role}-${var.platform}-${var.index}.hcl"
   115    }
   116    provisioner "file" {
   117      source      = local_sensitive_file.nomad_tls_config.filename
   118      destination = "/tmp/tls.hcl"
   119    }
   120    provisioner "file" {
   121      source      = local_sensitive_file.nomad_systemd_unit_file.filename
   122      destination = "/tmp/nomad.service"
   123    }
   124    provisioner "file" {
   125      source      = local_sensitive_file.nomad_client_key.filename
   126      destination = "/tmp/agent-${var.instance.public_ip}.key"
   127    }
   128    provisioner "file" {
   129      source      = local_sensitive_file.nomad_client_cert.filename
   130      destination = "/tmp/agent-${var.instance.public_ip}.crt"
   131    }
   132    provisioner "file" {
   133      source      = "keys/tls_api_client.key"
   134      destination = "/tmp/tls_proxy.key"
   135    }
   136    provisioner "file" {
   137      source      = "keys/tls_api_client.crt"
   138      destination = "/tmp/tls_proxy.crt"
   139    }
   140    provisioner "file" {
   141      source      = "keys/tls_ca.crt"
   142      destination = "/tmp/ca.crt"
   143    }
   144    provisioner "file" {
   145      source      = "keys/self_signed.key"
   146      destination = "/tmp/self_signed.key"
   147    }
   148    provisioner "file" {
   149      source      = "keys/self_signed.crt"
   150      destination = "/tmp/self_signed.crt"
   151    }
   152  
   153  }