Cleanup

example/acme-to-vault.nomad.hcl

@@ -23,6 +23,18 @@ job "acme-to-vault" {
         sidecar_service {
         }
         sidecar_task {
+          config {
+            args = [
+              "-c",
+              "${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
+              "-l",
+              "${meta.connect.log_level}",
+              "--concurrency",
+              "${meta.connect.proxy_concurrency}",
+              "--disable-hot-restart"
+            ]
+          }
+
           resources {
             cpu    = 50
             memory = 64
@@ -38,7 +50,7 @@ job "acme-to-vault" {
         "traefik.http.routers.acme-to-vault.rule=Host(`fake-acme-host`) || PathPrefix(`/.well-known/acme-challenge/`)",
         "traefik.http.routers.acme-to-vault.priority=2000",
         "traefik.http.routers.acme-to-vault.entrypoints=http,https",
-        "traefik.http.routers.acme-to-vault.middlewares=rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file,compression@file,csp-relaxed@file"
+        "traefik.http.routers.acme-to-vault.middlewares=rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file"
       ]
     }
 
@@ -95,6 +107,7 @@ _EOT
         env         = true
       }
 
+
       resources {
         cpu        = 10
         memory     = 100

example/images/acme-to-vault/Dockerfile

@@ -1,4 +1,4 @@
-FROM danielberteaud/alpine:24.1-4 AS vault
+FROM danielberteaud/alpine:24.1-8 AS vault
 
 ARG VAULT_VERSION=1.15.4
 
@@ -12,7 +12,7 @@ RUN set -euxo pipefail &&\
     unzip -d /usr/local/bin vault_${VAULT_VERSION}_linux_amd64.zip &&\
     rm vault_${VAULT_VERSION}_linux_amd64.zip
 
-FROM danielberteaud/alpine:24.1-4
+FROM danielberteaud/alpine:24.1-8
 MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
 
 ARG VAULT_VERSION=1.15.4

example/prep.d/mv_conf.sh

@@ -1,19 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-
-
-if [ "acme-to-vault" != "acme-to-vault" ]; then
-  for DIR in vault consul nomad; do
-    if [ -d output/${DIR} ]; then
-      for FILE in $(find output/${DIR} -name "*acme-to-vault*.hcl" -type f); do
-        NEW_FILE=$(echo "${FILE}" | sed -E "s/acme-to-vault/acme-to-vault/g")
-        mv "${FILE}" "${NEW_FILE}"
-      done
-    fi
-  done
-fi
-
-
-

prep.d/mv_conf.sh

@@ -1 +0,0 @@
-[[ template "common/mv_conf.sh.tpl" dict "ctx" . "services" (dict "acme-to-vault" .instance) ]]