github.com/hernad/nomad@v1.6.112/e2e/terraform/provision-nomad/main.tf (about) 1 # Copyright (c) HashiCorp, Inc. 2 # SPDX-License-Identifier: MPL-2.0 3 4 locals { 5 upload_dir = "uploads/${var.instance.public_ip}" 6 7 indexed_config_path = fileexists("etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl") ? "etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl" : "etc/nomad.d/index.hcl" 8 9 } 10 11 # if nomad_license is unset, it'll be a harmless empty license file 12 resource "local_sensitive_file" "nomad_environment" { 13 content = templatefile("etc/nomad.d/.environment", { 14 license = var.nomad_license 15 }) 16 filename = "${local.upload_dir}/nomad.d/.environment" 17 file_permission = "0600" 18 } 19 20 resource "local_sensitive_file" "nomad_base_config" { 21 content = templatefile("etc/nomad.d/base.hcl", { 22 data_dir = var.platform != "windows" ? "/opt/nomad/data" : "C://opt/nomad/data" 23 }) 24 filename = "${local.upload_dir}/nomad.d/base.hcl" 25 file_permission = "0600" 26 } 27 28 resource "local_sensitive_file" "nomad_role_config" { 29 content = templatefile("etc/nomad.d/${var.role}-${var.platform}.hcl", {}) 30 filename = "${local.upload_dir}/nomad.d/${var.role}.hcl" 31 file_permission = "0600" 32 } 33 34 resource "local_sensitive_file" "nomad_indexed_config" { 35 content = templatefile(local.indexed_config_path, {}) 36 filename = "${local.upload_dir}/nomad.d/${var.role}-${var.platform}-${var.index}.hcl" 37 file_permission = "0600" 38 } 39 40 resource "local_sensitive_file" "nomad_tls_config" { 41 content = templatefile("etc/nomad.d/tls.hcl", {}) 42 filename = "${local.upload_dir}/nomad.d/tls.hcl" 43 file_permission = "0600" 44 } 45 46 resource "null_resource" "upload_consul_configs" { 47 48 connection { 49 type = "ssh" 50 user = var.connection.user 51 host = var.instance.public_ip 52 port = var.connection.port 53 private_key = file(var.connection.private_key) 54 target_platform = var.arch == "windows_amd64" ? "windows" : "unix" 55 timeout = "15m" 56 } 57 58 provisioner "file" { 59 source = "uploads/shared/consul.d/ca.pem" 60 destination = "/tmp/consul_ca.pem" 61 } 62 provisioner "file" { 63 source = "uploads/shared/consul.d/consul_client.json" 64 destination = "/tmp/consul_client.json" 65 } 66 provisioner "file" { 67 source = "uploads/shared/consul.d/client_acl.json" 68 destination = "/tmp/consul_client_acl.json" 69 } 70 provisioner "file" { 71 source = "uploads/shared/consul.d/consul_client_base.json" 72 destination = "/tmp/consul_client_base.json" 73 } 74 provisioner "file" { 75 source = "uploads/shared/consul.d/consul.service" 76 destination = "/tmp/consul.service" 77 } 78 } 79 80 resource "null_resource" "upload_nomad_configs" { 81 82 connection { 83 type = "ssh" 84 user = var.connection.user 85 host = var.instance.public_ip 86 port = var.connection.port 87 private_key = file(var.connection.private_key) 88 target_platform = var.arch == "windows_amd64" ? "windows" : "unix" 89 timeout = "15m" 90 } 91 92 # created in hcp_consul.tf 93 provisioner "file" { 94 source = "uploads/shared/nomad.d/${var.role}-consul.hcl" 95 destination = "/tmp/consul.hcl" 96 } 97 # created in hcp_vault.tf 98 provisioner "file" { 99 source = "uploads/shared/nomad.d/vault.hcl" 100 destination = "/tmp/vault.hcl" 101 } 102 103 provisioner "file" { 104 source = local_sensitive_file.nomad_environment.filename 105 destination = "/tmp/.environment" 106 } 107 provisioner "file" { 108 source = local_sensitive_file.nomad_base_config.filename 109 destination = "/tmp/base.hcl" 110 } 111 provisioner "file" { 112 source = local_sensitive_file.nomad_role_config.filename 113 destination = "/tmp/${var.role}-${var.platform}.hcl" 114 } 115 provisioner "file" { 116 source = local_sensitive_file.nomad_indexed_config.filename 117 destination = "/tmp/${var.role}-${var.platform}-${var.index}.hcl" 118 } 119 provisioner "file" { 120 source = local_sensitive_file.nomad_tls_config.filename 121 destination = "/tmp/tls.hcl" 122 } 123 provisioner "file" { 124 source = local_sensitive_file.nomad_systemd_unit_file.filename 125 destination = "/tmp/nomad.service" 126 } 127 provisioner "file" { 128 source = local_sensitive_file.nomad_client_key.filename 129 destination = "/tmp/agent-${var.instance.public_ip}.key" 130 } 131 provisioner "file" { 132 source = local_sensitive_file.nomad_client_cert.filename 133 destination = "/tmp/agent-${var.instance.public_ip}.crt" 134 } 135 provisioner "file" { 136 source = "keys/tls_api_client.key" 137 destination = "/tmp/tls_proxy.key" 138 } 139 provisioner "file" { 140 source = "keys/tls_api_client.crt" 141 destination = "/tmp/tls_proxy.crt" 142 } 143 provisioner "file" { 144 source = "keys/tls_ca.crt" 145 destination = "/tmp/ca.crt" 146 } 147 provisioner "file" { 148 source = "keys/self_signed.key" 149 destination = "/tmp/self_signed.key" 150 } 151 provisioner "file" { 152 source = "keys/self_signed.crt" 153 destination = "/tmp/self_signed.crt" 154 } 155 156 }