Update rendered example
This commit is contained in:
parent
976480545d
commit
bf92563764
|
@ -12,7 +12,7 @@ RUN set -eux &&\
|
|||
chown root:root ldap2pg &&\
|
||||
chmod 755 ldap2pg
|
||||
|
||||
FROM danielberteaud/alpine:24.1-8
|
||||
FROM danielberteaud/alpine:24.2-1
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ENV PGHOST=localhost \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/postgres:15.24.1-5
|
||||
FROM danielberteaud/postgres:15.24.2-1
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG PATRONI_VERSION=3.2.2
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/alpine:24.1-8
|
||||
FROM danielberteaud/alpine:24.2-1
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG PG_FROM= \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/alma:9.24.1-6
|
||||
FROM danielberteaud/alma:9.24.2-1
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ENV PG_BASE_DATA=/data/db/
|
||||
|
|
|
@ -11,7 +11,7 @@ set -euo pipefail
|
|||
TMP=$(mktemp -d)
|
||||
|
||||
INITIAL_SETUP=false
|
||||
if [ "$(vault secrets list -format json | jq -r '.["/pki/postgres/"].type')" != "pki" ]; then
|
||||
if [ "$(vault secrets list -format json | jq -r '.["pki/postgres/"].type')" != "pki" ]; then
|
||||
INITIAL_SETUP=true
|
||||
fi
|
||||
|
||||
|
@ -30,12 +30,12 @@ vault secrets tune -max-lease-ttl=131400h /pki/postgres
|
|||
# Configure PKI URLs
|
||||
echo "Configure URL endpoints"
|
||||
vault write /pki/postgres/config/urls \
|
||||
issuing_certificates="${VAULT_ADDR}/v1//pki/postgres/ca" \
|
||||
crl_distribution_points="${VAULT_ADDR}/v1//pki/postgres/crl" \
|
||||
ocsp_servers="${VAULT_ADDR}/v1//pki/postgres/ocsp"
|
||||
issuing_certificates="${VAULT_ADDR}/v1/pki/postgres/ca" \
|
||||
crl_distribution_points="${VAULT_ADDR}/v1/pki/postgres/crl" \
|
||||
ocsp_servers="${VAULT_ADDR}/v1/pki/postgres/ocsp"
|
||||
|
||||
vault write /pki/postgres/config/cluster \
|
||||
path="${VAULT_ADDR}/v1//pki/postgres"
|
||||
path="${VAULT_ADDR}/v1/pki/postgres"
|
||||
|
||||
vault write /pki/postgres/config/crl \
|
||||
auto_rebuild=true \
|
||||
|
|
|
@ -26,6 +26,7 @@ job "postgres-manage" {
|
|||
proxy {
|
||||
upstreams {
|
||||
destination_name = "postgres"
|
||||
destination_type = "service"
|
||||
local_bind_port = 5432
|
||||
}
|
||||
}
|
||||
|
@ -60,7 +61,7 @@ job "postgres-manage" {
|
|||
user = 1053
|
||||
|
||||
config {
|
||||
image = "danielberteaud/wait-for:24.1-1"
|
||||
image = "danielberteaud/wait-for:24.2-1"
|
||||
readonly_rootfs = true
|
||||
pids_limit = 20
|
||||
}
|
||||
|
@ -96,6 +97,7 @@ job "postgres-manage" {
|
|||
policies = ["postgres"]
|
||||
env = false
|
||||
disable_file = true
|
||||
change_mode = "noop"
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -150,6 +150,7 @@ job "postgres" {
|
|||
policies = ["postgres"]
|
||||
env = false
|
||||
disable_file = true
|
||||
change_mode = "noop"
|
||||
}
|
||||
|
||||
# Use a template block instead of env {} so we can fetch values from vault
|
||||
|
|
Loading…
Reference in New Issue