github.com/hernad/nomad@v1.6.112/e2e/terraform/provision-nomad/install-linux.tf

github.com/hernad/nomad@v1.6.112/e2e/terraform/provision-nomad/install-linux.tf (about)

     1  # Copyright (c) HashiCorp, Inc.
     2  # SPDX-License-Identifier: MPL-2.0
     3  
     4  resource "local_sensitive_file" "nomad_systemd_unit_file" {
     5    content         = templatefile("etc/nomad.d/nomad-${var.role}.service", {})
     6    filename        = "${local.upload_dir}/nomad.d/nomad.service"
     7    file_permission = "0600"
     8  }
     9  
    10  resource "null_resource" "install_nomad_binary_linux" {
    11    count    = var.platform == "linux" ? 1 : 0
    12    triggers = { nomad_binary_sha = filemd5(var.nomad_local_binary) }
    13  
    14    connection {
    15      type        = "ssh"
    16      user        = var.connection.user
    17      host        = var.instance.public_ip
    18      port        = var.connection.port
    19      private_key = file(var.connection.private_key)
    20      timeout     = "5m"
    21    }
    22  
    23    provisioner "file" {
    24      source      = var.nomad_local_binary
    25      destination = "/tmp/nomad"
    26    }
    27    provisioner "remote-exec" {
    28      inline = [
    29        "sudo mv /tmp/nomad /usr/local/bin/nomad",
    30        "sudo chmod +x /usr/local/bin/nomad",
    31      ]
    32    }
    33  }
    34  
    35  resource "null_resource" "install_consul_configs_linux" {
    36    count = var.platform == "linux" ? 1 : 0
    37  
    38    depends_on = [
    39      null_resource.upload_consul_configs,
    40    ]
    41  
    42    connection {
    43      type        = "ssh"
    44      user        = var.connection.user
    45      host        = var.instance.public_ip
    46      port        = var.connection.port
    47      private_key = file(var.connection.private_key)
    48      timeout     = "5m"
    49    }
    50  
    51    provisioner "remote-exec" {
    52      inline = [
    53        "mkdir -p /etc/consul.d",
    54        "sudo rm -rf /etc/consul.d/*",
    55        "sudo mv /tmp/consul_ca.pem /etc/consul.d/ca.pem",
    56        "sudo mv /tmp/consul_client_acl.json /etc/consul.d/acl.json",
    57        "sudo mv /tmp/consul_client.json /etc/consul.d/consul_client.json",
    58        "sudo mv /tmp/consul_client_base.json /etc/consul.d/consul_client_base.json",
    59        "sudo mv /tmp/consul.service /etc/systemd/system/consul.service",
    60      ]
    61    }
    62  }
    63  
    64  locals {
    65    data_owner = var.role == "client" ? "root" : "nomad"
    66  }
    67  
    68  resource "null_resource" "install_nomad_configs_linux" {
    69    count = var.platform == "linux" ? 1 : 0
    70  
    71    depends_on = [
    72      null_resource.upload_nomad_configs,
    73    ]
    74  
    75    connection {
    76      type        = "ssh"
    77      user        = var.connection.user
    78      host        = var.instance.public_ip
    79      port        = var.connection.port
    80      private_key = file(var.connection.private_key)
    81      timeout     = "5m"
    82    }
    83  
    84    provisioner "remote-exec" {
    85      inline = [
    86        "mkdir -p /etc/nomad.d",
    87        "mkdir -p /opt/nomad/data",
    88        "sudo chmod 0700 /opt/nomad/data",
    89        "sudo chown ${local.data_owner}:${local.data_owner} /opt/nomad/data",
    90        "sudo rm -rf /etc/nomad.d/*",
    91        "sudo mv /tmp/consul.hcl /etc/nomad.d/consul.hcl",
    92        "sudo mv /tmp/vault.hcl /etc/nomad.d/vault.hcl",
    93        "sudo mv /tmp/base.hcl /etc/nomad.d/base.hcl",
    94        "sudo mv /tmp/${var.role}-${var.platform}.hcl /etc/nomad.d/${var.role}-${var.platform}.hcl",
    95        "sudo mv /tmp/${var.role}-${var.platform}-${var.index}.hcl /etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl",
    96        "sudo mv /tmp/.environment /etc/nomad.d/.environment",
    97  
    98        # TLS
    99        "sudo mkdir /etc/nomad.d/tls",
   100        "sudo mv /tmp/tls.hcl /etc/nomad.d/tls.hcl",
   101        "sudo mv /tmp/agent-${var.instance.public_ip}.key /etc/nomad.d/tls/agent.key",
   102        "sudo mv /tmp/agent-${var.instance.public_ip}.crt /etc/nomad.d/tls/agent.crt",
   103        "sudo mv /tmp/tls_proxy.key /etc/nomad.d/tls/tls_proxy.key",
   104        "sudo mv /tmp/tls_proxy.crt /etc/nomad.d/tls/tls_proxy.crt",
   105        "sudo mv /tmp/self_signed.key /etc/nomad.d/tls/self_signed.key",
   106        "sudo mv /tmp/self_signed.crt /etc/nomad.d/tls/self_signed.crt",
   107        "sudo mv /tmp/ca.crt /etc/nomad.d/tls/ca.crt",
   108  
   109        "sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service",
   110      ]
   111    }
   112  
   113  }
   114  
   115  resource "null_resource" "restart_linux_services" {
   116    count = var.platform == "linux" ? 1 : 0
   117  
   118    depends_on = [
   119      null_resource.install_nomad_binary_linux,
   120      null_resource.install_consul_configs_linux,
   121      null_resource.install_nomad_configs_linux,
   122    ]
   123  
   124    connection {
   125      type        = "ssh"
   126      user        = var.connection.user
   127      host        = var.instance.public_ip
   128      port        = var.connection.port
   129      private_key = file(var.connection.private_key)
   130      timeout     = "5m"
   131    }
   132  
   133    provisioner "remote-exec" {
   134      inline = [
   135        "sudo systemctl daemon-reload",
   136        "sudo systemctl enable consul",
   137        "sudo systemctl restart consul",
   138        "sudo systemctl enable nomad",
   139        "sudo systemctl restart nomad",
   140      ]
   141    }
   142  }