Cleanup

example/images/exim-relay/Dockerfile

@@ -1,4 +1,4 @@
-FROM danielberteaud/alpine:24.1-2
+FROM danielberteaud/alpine:24.1-8
 MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
 
 # Taken from https://github.com/devture/exim-relay

example/smtp-relay.nomad.hcl

@@ -28,6 +28,18 @@ job "smtp-relay" {
         sidecar_service {
         }
         sidecar_task {
+          config {
+            args = [
+              "-c",
+              "${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
+              "-l",
+              "${meta.connect.log_level}",
+              "--concurrency",
+              "${meta.connect.proxy_concurrency}",
+              "--disable-hot-restart"
+            ]
+          }
+
           resources {
             cpu    = 50
             memory = 64
@@ -64,7 +76,7 @@ job "smtp-relay" {
         data        = <<_EOF
 # SMTP Auth
 SMTP_USERNAME=smtp@example.org
-SMTP_PASSWORD={{ with secret "kv/service/smtp-relay" }}{{ .Data.data.pwd }}{{ end }}
+SMTP_PASSWORD={{ with secret "/kv/service/smtp-relay" }}{{ .Data.data.pwd }}{{ end }}
 _EOF
         destination = "secrets/env"
         uid         = 100000
@@ -78,6 +90,7 @@ _EOF
         destination = "/var/spool/exim"
       }
 
+
       resources {
         cpu    = 10
         memory = 20

example/vault/policies/smtp-relay.hcl

@@ -1,3 +1,3 @@
-path "kv/data/service/smtp-relay" {
+path "/kv/data/service/smtp-relay" {
   capabilities = ["read"]
 }

variables.yml

@@ -11,7 +11,7 @@ mail:
     # Number of instances to run
     count: 1
 
-    # Resources to allocation
+    # Resources to allocate
     resources:
       cpu: 10
       memory: 20
@@ -24,7 +24,7 @@ mail:
     port: 587
     tls: True
     user: smtp@example.org
-    password: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .instance ]]" }}{{ .Data.data.pwd }}{{ end }}'
+    password: '{{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}{{ .Data.data.pwd }}{{ end }}'
 
     # The volume to use for /var/spool/postfix
     volume:

vault/policies/smtp-relay.hcl

@@ -1,3 +1,3 @@
-path "[[ .vault.prefix ]]kv/data/service/smtp-relay" {
+path "[[ .vault.root ]]kv/data/service/[[ .instance ]]" {
   capabilities = ["read"]
 }