Some fixes in prefix/suffix handling

Daniel Berteaud 2024-05-18 23:07:24 +02:00
parent d92d2f09a2
commit 998ed40314
4 changed files with 8 additions and 8 deletions


@ -1,10 +1,10 @@
node_prefix "" {
policy = "read"
}
service "[[ .instance ]]" {
service "[[ .instance ]][[ .consul.suffix ]]" {
policy = "write"
}
service "[[ .instance ]]-sidecar-proxy" {
service "[[ .instance ]][[ .consul.suffix ]]-sidecar-proxy" {
policy = "write"
}
key_prefix "[[ .consul.kv.root ]]service/[[ .instance ]]" {
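Review bot: The `key_prefix` rule on the last line of this hunk has no trailing `/` and still ends at `[[ .instance ]]`, while both `service` rules now carry `[[ .consul.suffix ]]`. Because `key_prefix` matches by string prefix, the rule also covers the KV keys of any other instance whose name merely starts with this one. If the subtree is meant to be per-instance, `key_prefix "[[ .consul.kv.root ]]service/[[ .instance ]]/" {` would confine it; whether the suffix belongs in that path too depends on the KV layout, which is not visible here. The rule's body lies outside the hunk, so the access level it grants cannot be checked from this view.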


@ -1,4 +1,4 @@
#!/bin/sh
# vim: syntax=sh
vault write [[ .vault.root ]]consul/roles/[[ .instance ]] ttl=720h max_ttl=720h consul_policies="[[ .instance ]]"
vault write consul/roles/[[ .instance ]][[ .consul.suffix ]] ttl=720h max_ttl=720h consul_policies="[[ .instance ]][[ .consul.suffix ]]"
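Review bot: The role is written with `ttl=720h max_ttl=720h`, so each Consul token issued from it stays valid for 30 days unless its lease is explicitly revoked, even if the allocation that requested it is long gone. Since the consumer is a Nomad template, which normally renews leases on dynamic secrets, a short initial lease with the same ceiling would limit how long a leaked token remains usable, for example `ttl=1h max_ttl=720h` (an illustrative value, not taken from the project). It would also help to add a comment above the command stating that the role name and the `consul_policies` value must both match the policy name, suffix included.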


@ -127,7 +127,7 @@ job "[[ .instance ]]-server" {
template {
data = <<_EOT
# Get a Consul token from vault, so we're able to update the tags in Consul from the containers
CONSUL_HTTP_TOKEN={{ with secret "[[ .vault.root ]]consul/creds/[[ .instance ]]" }}{{ .Data.token }}{{ end }}
CONSUL_HTTP_TOKEN={{ with secret "consul/creds/[[ .instance ]][[ .consul.suffix ]]" }}{{ .Data.token }}{{ end }}
PATRONICTL_CONFIG_FILE=/secrets/patroni.yml
_EOT
destination = "secrets/pg.env"
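Review bot: The secret path read on the `CONSUL_HTTP_TOKEN` line changes in both prefix and suffix, but none of the four sections in this commit looks like a Vault policy. The job's Vault policy has to allow `read` on exactly `consul/creds/[[ .instance ]][[ .consul.suffix ]]`; if it is rendered elsewhere with the old path, this template will fail to render and the task will not start. If the policy is generated from the same variables, this is already covered, but it is worth confirming that the grant is that single path rather than a wildcard under `consul/creds/`. The `template` block continues outside the hunk, so its remaining settings are not visible here.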


@ -26,11 +26,11 @@ CURL_OPTS="--connect-timeout 5 --max-time 10 --retry 5 --retry-delay 1 --retry-m
# Update tags on the main service
SERVICE_HAS_TAG=$(curl ${CURL_OPTS} \
-H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" \
http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]] |\
http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]][[ .consul.suffix ]] |\
jq ".[] | select( .ServiceTags as \$tags | \"postgres-{{ env "NOMAD_ALLOC_INDEX" }}\" | IN(\$tags[]) ) | .ServiceTags | any(.==\"${NEW_ROLE}\")")
if [ "${SERVICE_HAS_TAG}" = "false" ]; then
echo "Updating tags for the main service"
curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]] |\
curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]][[ .consul.suffix ]] |\
jq --from-file /local/serviceformat.jq --arg role "${NEW_ROLE}" --arg mytag postgres-{{ env "NOMAD_ALLOC_INDEX" }} |\
curl ${CORL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" -X PUT -d @- http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/txn > /dev/null
else
@ -40,11 +40,11 @@ fi
# Update tags on the sidecar service (connect-proxy)
SIDECAR_HAS_TAG=$(curl ${CURL_OPTS} \
-H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" \
http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]]-sidecar-proxy |\
http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]][[ .consul.suffix ]]-sidecar-proxy |\
jq ".[] | select( .ServiceTags as \$tags | \"postgres-{{ env "NOMAD_ALLOC_INDEX" }}\" | IN(\$tags[]) ) | .ServiceTags | any(.==\"${NEW_ROLE}\")")
if [ "${SIDECAR_HAS_TAG}" = "false" ]; then
echo "Updating tags for the sidecar"
curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]]-sidecar-proxy |\
curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/catalog/service/[[ .instance ]][[ .consul.suffix ]]-sidecar-proxy |\
jq --from-file /local/serviceformat.jq --arg role "${NEW_ROLE}" --arg mytag postgres-{{ env "NOMAD_ALLOC_INDEX" }} |\
curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" -X PUT -d @- http://{{ sockaddr "GetInterfaceIP \"nomad\"" }}:8500/v1/txn > /dev/null
else
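Review bot: In the main-service branch of the first hunk, the final `curl` that PUTs to `/v1/txn` expands `${CORL_OPTS}`, which is never set in the visible lines and looks like a typo for `${CURL_OPTS}`; the sidecar branch uses the correct name. As written, that write runs without the connect timeout, max time and retry options, so it should start `curl ${CURL_OPTS} -H "X-Consul-Token: ${CONSUL_HTTP_TOKEN}" -X PUT -d @- …`. Both branches also send the transaction response to `/dev/null`, and under plain `sh` only the last command's exit status in a pipeline is seen, so a failed catalog read or a rejected transaction passes silently unless the final `curl` is checked. Every request here sends the ACL token over plain `http://` to port 8500, which is acceptable only if that interface is trusted or TLS is terminated elsewhere. Both `if`/`else` blocks continue outside their hunks.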