Cleanup

2024-01-31 16:19:36 +01:00 · 2024-01-31 16:19:36 +01:00 · 47162a8d09
parent 7719485f0d
commit 47162a8d09
5 changed files with 19 additions and 6 deletions
--- a/example/images/exim-relay/Dockerfile
+++ b/example/images/exim-relay/Dockerfile
@ -1,4 +1,4 @@
-FROM danielberteaud/alpine:24.1-2
+FROM danielberteaud/alpine:24.1-8
 MAINTAINER Daniel Berteaud <dbd@ehtrace.com>

 # Taken from https://github.com/devture/exim-relay
--- a/example/smtp-relay.nomad.hcl
+++ b/example/smtp-relay.nomad.hcl
@ -28,6 +28,18 @@ job "smtp-relay" {
        sidecar_service {
        }
        sidecar_task {
+          config {
+            args = [
+              "-c",
+              "${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
+              "-l",
+              "${meta.connect.log_level}",
+              "--concurrency",
+              "${meta.connect.proxy_concurrency}",
+              "--disable-hot-restart"
+            ]
+          }
+
          resources {
            cpu    = 50
            memory = 64
@ -64,7 +76,7 @@ job "smtp-relay" {
        data        = <<_EOF
 # SMTP Auth
 SMTP_USERNAME=smtp@example.org
-SMTP_PASSWORD={{ with secret "kv/service/smtp-relay" }}{{ .Data.data.pwd }}{{ end }}
+SMTP_PASSWORD={{ with secret "/kv/service/smtp-relay" }}{{ .Data.data.pwd }}{{ end }}
 _EOF
        destination = "secrets/env"
        uid         = 100000
@ -78,6 +90,7 @@ _EOF
        destination = "/var/spool/exim"
      }

+
      resources {
        cpu    = 10
        memory = 20
--- a/example/vault/policies/smtp-relay.hcl
+++ b/example/vault/policies/smtp-relay.hcl
@ -1,3 +1,3 @@
-path "kv/data/service/smtp-relay" {
+path "/kv/data/service/smtp-relay" {
  capabilities = ["read"]
 }
--- a/variables.yml
+++ b/variables.yml
@ -11,7 +11,7 @@ mail:
    # Number of instances to run
    count: 1

-    # Resources to allocation
+    # Resources to allocate
    resources:
      cpu: 10
      memory: 20
@ -24,7 +24,7 @@ mail:
    port: 587
    tls: True
    user: smtp@example.org
-    password: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .instance ]]" }}{{ .Data.data.pwd }}{{ end }}'
+    password: '{{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}{{ .Data.data.pwd }}{{ end }}'

    # The volume to use for /var/spool/postfix
    volume:
--- a/vault/policies/smtp-relay.hcl
+++ b/vault/policies/smtp-relay.hcl
@ -1,3 +1,3 @@
-path "[[ .vault.prefix ]]kv/data/service/smtp-relay" {
+path "[[ .vault.root ]]kv/data/service/[[ .instance ]]" {
  capabilities = ["read"]
 }