Move pki script to init

2024-01-19 13:46:13 +01:00 · 2024-01-19 13:46:13 +01:00 · 5124031188
parent 514e46744f
commit 5124031188
2 changed files with 5 additions and 5 deletions
--- a/example/postgres.nomad.hcl
+++ b/example/postgres.nomad.hcl
@ -296,9 +296,9 @@ postgresql:
    - hostssl all         all          0.0.0.0/0    cert clientcert=verify-full

  pg_ident:
-    - patroni-map pg-{{ env "NOMAD_ALLOC_INDEX" }}.postgres.service.consul postgres
-    - patroni-map pg-{{ env "NOMAD_ALLOC_INDEX" }}.postgres.service.consul replicator
-    - patroni-map pg-{{ env "NOMAD_ALLOC_INDEX" }}.postgres.service.consul rewind
+    - patroni-map postgres.service.consul postgres
+    - patroni-map postgres.service.consul replicator
+    - patroni-map postgres.service.consul rewind

  parameters:
    ssl: on
@ -428,8 +428,8 @@ _EOT
        data          = <<_EOT
 {{ with pkiCert
  "pki/postgres/issue/postgres-server"
-  (printf "common_name=pg-%s.postgres.service.consul" (env "NOMAD_ALLOC_INDEX"))
-  "alt_name=postgres.service.consul"
+  "common_name=postgres.service.consul"
+  (printf "alt_name=%s.postgres.service.consul" (env "NOMAD_ALLOC_INDEX"))
  (printf "ip_sans=%s" (env "NOMAD_IP_patroni")) "ttl=72h" }}
 {{ .Cert }}
 {{ .Key }}
--- a/prep.d/20-pki.sh
+++ b/prep.d/20-pki.sh