-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbackend.tf
58 lines (52 loc) · 1.26 KB
/
backend.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
terraform {
required_providers {
nomad = {
source = "hashicorp/nomad"
version = "~> 2.3"
}
consul = {
source = "hashicorp/consul"
version = "~> 2.20"
}
vault = {
source = "hashicorp/vault"
version = "~> 4.2"
}
}
backend "consul" {
path = "nomad/terraform_states/mailserver/tfstate"
lock = "true"
}
required_version = ">= 1.4"
}
provider "consul" {
address = "consul.service.ha.example.org:443"
scheme = "https"
ca_file = "/etc/ssl/certs/COMODO_OV.crt"
datacenter = "datacenter"
}
provider "vault" {
address = "https://master.vault.service.ha.example.org:8200"
ca_cert_file = "/etc/ssl/certs/COMODO_OV.crt"
skip_child_token = true
}
data "consul_keys" "nomad" {
datacenter = "datacenter"
key {
name = "nomad_address"
path = "nomad/${terraform.workspace}/nomad/addr"
}
key {
name = "token_path"
path = "nomad/${terraform.workspace}/nomad/token_path"
}
}
data "vault_kv_secret_v2" "nomad_token" {
mount = "nomad"
name = data.consul_keys.nomad.var.token_path
}
provider "nomad" {
secret_id = data.vault_kv_secret_v2.nomad_token.data.value
address = data.consul_keys.nomad.var.nomad_address
ca_file = "/etc/ssl/certs/COMODO_OV.crt"
}