Closed dangernil closed 3 years ago
Tests?
Changed to draft since we have some issues with permission denied
when setting /var/lib/postgres/data
as a volume to /vagrant/persitence/postgres
.
We're taking a break from this issue due to problems with permission denied with postgres and vagrant. This will unfortunately not be able to reach the release v0.1.0 deadline (02.10.2020).
Going to pick this up on monday next week.
You have missed out this piece of code that we need to add so that the new host_policy in nomad gets applied. Without this you will end up getting 403 permission denied when run with nomad_acl=true :
- name: Fetch bootstrap token nomad
shell:
cmd: vault kv get -field=secret-id secret/nomad-bootstrap-token
when: lookup('env', 'nomad_acl') | bool
register: bootstrap_token
- name: Copy nomad policy file to /etc/nomad.d/policies/
copy:
src: host_volume_policy.hcl
dest: /etc/nomad.d/policies/host_volume_policy.hcl
when: lookup('env', 'nomad_acl') | bool
- name: Update default write policy on nomad
shell:
cmd: nomad acl policy apply write-default /etc/nomad.d/policies/host_volume_policy.hcl
when: lookup('env', 'nomad_acl') | bool
environment:
NOMAD_TOKEN: "{{ bootstrap_token.stdout }}
You can check the code in minio_repo
You have missed out this piece of code that we need to add so that the new host_policy in nomad gets applied. Without this you will end up getting 403 permission denied when run with nomad_acl=true :
- name: Fetch bootstrap token nomad shell: cmd: vault kv get -field=secret-id secret/nomad-bootstrap-token when: lookup('env', 'nomad_acl') | bool register: bootstrap_token - name: Copy nomad policy file to /etc/nomad.d/policies/ copy: src: host_volume_policy.hcl dest: /etc/nomad.d/policies/host_volume_policy.hcl when: lookup('env', 'nomad_acl') | bool - name: Update default write policy on nomad shell: cmd: nomad acl policy apply write-default /etc/nomad.d/policies/host_volume_policy.hcl when: lookup('env', 'nomad_acl') | bool environment: NOMAD_TOKEN: "{{ bootstrap_token.stdout }}
You can check the code in minio_repo
Oh, that's right! Thank's! :pray:
Closes #12 and #24