Cleanup

prep.d/mv_conf.sh

@@ -1 +1 @@
-[[ template "common/mv_conf.sh.tpl" dict "ctx" . "services" (dict "smtp-relay" .mail.relay.job_name) ]]
+[[ template "common/mv_conf.sh.tpl" dict "ctx" . "services" (dict "smtp-relay" .mail.relay.instance) ]]

smtp-relay.nomad.hcl

@@ -1,6 +1,8 @@
-job [[ .mail.relay.job_name | toJSON ]] {
+[[ $c := merge .mail.relay . -]]
 
-[[ template "common/job_start.tpl" . ]]
+job [[ .mail.relay.instance | toJSON ]] {
+
+[[ template "common/job_start.tpl" $c ]]
 
   group "smtp-relay" {
 
@@ -21,27 +23,27 @@ job [[ .mail.relay.job_name | toJSON ]] {
     }
 
     service {
-      name = "[[ .mail.relay.job_name ]][[ .env.suffix ]]"
+      name = "[[ .mail.relay.instance ]][[ .consul.suffix ]]"
       port = 8025
 
-[[ template "common/connect.tpl" dict "ctx" . "config" .mail.relay ]]
+[[ template "common/connect.tpl" $c ]]
     }
 
     task "exim" {
-      driver = [[ .mail.relay.driver | toJSON ]]
+      driver = [[ $c.nomad.driver | toJSON ]]
 
       config {
         image = [[ .mail.relay.image | toJSON ]]
       }
 
       vault {
-        policies = ["[[ .mail.relay.job_name ]][[ .env.suffix ]]"]
+        policies = ["[[ .mail.relay.instance ]][[ .consul.suffix ]]"]
         env = false
         disable_file = true
       }
 
       env {
-        HOSTNAME = "[[ .mail.relay.job_name ]].service.[[ .consul.domain ]]"
+        HOSTNAME = "[[ .mail.relay.instance ]].service.[[ .consul.domain ]]"
         LOCAL_DOMAINS = ""
         RELAY_FROM_HOSTS = "127.0.0.1"
         DISABLE_SENDER_VERIFICATION = "true"
@@ -49,13 +51,12 @@ job [[ .mail.relay.job_name | toJSON ]] {
         [[ template "common/env.tpl" .mail.relay.env ]]
       }
 
+[[- if has .mail.relay "user" ]]
       template {
         data =<<_EOF
 # SMTP Auth
-[[- if has .mail.relay "user" ]]
 SMTP_USERNAME=[[ .mail.relay.user ]]
-SMTP_PASSWORD={{ with secret "[[ .vault.prefix ]]kv/service/smtp-relay" }}{{ .Data.data.pwd }}{{ end }}
-[[- end ]]
+SMTP_PASSWORD=[[ .mail.relay.password ]]
 _EOF
         destination = "secrets/env"
         uid         = 100000
@@ -63,6 +64,7 @@ _EOF
         perms       = 0400
         env         = true
       }
+[[- end ]]
 
       volume_mount {
         volume      = "smtp-relay"

variables.yml

@@ -3,14 +3,11 @@
 mail:
   relay:
     # The Nomad job name
-    job_name: smtp-relay
+    instance: smtp-relay
 
     # The image to use
     image: danielberteaud/exim-relay:20231003-1
 
-    # The driver (podman or docker)
-    driver: docker
-
     # Number of instances to run
     count: 1
 
@@ -26,8 +23,8 @@ mail:
     host: smtp.example.org
     port: 587
     tls: True
-    # user: smtp@example.org
-    # Pass will be fetched from vault at kv/service/smtp-relay in the pwd key
+    user: smtp@example.org
+    password: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .mail.relay.instance ]]" }}{{ .Data.data.pwd }}{{ end }}'
 
     # The volume to use for /var/spool/postfix
     volume: