open-nomad/e2e/terraform/provision-nomad/install-linux.tf

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

134 lines
4.1 KiB
Terraform
Raw Normal View History

resource "local_sensitive_file" "nomad_systemd_unit_file" {
content = templatefile("etc/nomad.d/nomad-${var.role}.service", {})
filename = "${local.upload_dir}/nomad.d/nomad.service"
file_permission = "0600"
}
resource "null_resource" "install_nomad_binary_linux" {
count = var.platform == "linux" ? 1 : 0
triggers = { nomad_binary_sha = filemd5(var.nomad_local_binary) }
connection {
type = "ssh"
user = var.connection.user
host = var.instance.public_ip
port = var.connection.port
private_key = file(var.connection.private_key)
timeout = "5m"
}
provisioner "file" {
source = var.nomad_local_binary
destination = "/tmp/nomad"
}
provisioner "remote-exec" {
inline = [
"sudo mv /tmp/nomad /usr/local/bin/nomad",
"sudo chmod +x /usr/local/bin/nomad",
]
}
}
resource "null_resource" "install_consul_configs_linux" {
count = var.platform == "linux" ? 1 : 0
depends_on = [
null_resource.upload_consul_configs,
]
connection {
type = "ssh"
user = var.connection.user
host = var.instance.public_ip
port = var.connection.port
private_key = file(var.connection.private_key)
timeout = "5m"
}
provisioner "remote-exec" {
inline = [
"mkdir -p /etc/consul.d",
"sudo rm -rf /etc/consul.d/*",
"sudo mv /tmp/consul_ca.pem /etc/consul.d/ca.pem",
"sudo mv /tmp/consul_client_acl.json /etc/consul.d/acl.json",
"sudo mv /tmp/consul_client.json /etc/consul.d/consul_client.json",
"sudo mv /tmp/consul_client_base.json /etc/consul.d/consul_client_base.json",
"sudo mv /tmp/consul.service /etc/systemd/system/consul.service",
]
}
}
resource "null_resource" "install_nomad_configs_linux" {
count = var.platform == "linux" ? 1 : 0
depends_on = [
null_resource.upload_nomad_configs,
]
connection {
type = "ssh"
user = var.connection.user
host = var.instance.public_ip
port = var.connection.port
private_key = file(var.connection.private_key)
timeout = "5m"
}
provisioner "remote-exec" {
inline = [
"mkdir -p /etc/nomad.d",
"mkdir -p /opt/nomad/data",
"sudo rm -rf /etc/nomad.d/*",
"sudo mv /tmp/consul.hcl /etc/nomad.d/consul.hcl",
"sudo mv /tmp/vault.hcl /etc/nomad.d/vault.hcl",
"sudo mv /tmp/base.hcl /etc/nomad.d/base.hcl",
"sudo mv /tmp/${var.role}-${var.platform}.hcl /etc/nomad.d/${var.role}-${var.platform}.hcl",
"sudo mv /tmp/${var.role}-${var.platform}-${var.index}.hcl /etc/nomad.d/${var.role}-${var.platform}-${var.index}.hcl",
"sudo mv /tmp/.environment /etc/nomad.d/.environment",
# TLS
"sudo mkdir /etc/nomad.d/tls",
"sudo mv /tmp/tls.hcl /etc/nomad.d/tls.hcl",
"sudo mv /tmp/agent-${var.instance.public_ip}.key /etc/nomad.d/tls/agent.key",
"sudo mv /tmp/agent-${var.instance.public_ip}.crt /etc/nomad.d/tls/agent.crt",
"sudo mv /tmp/tls_proxy.key /etc/nomad.d/tls/tls_proxy.key",
"sudo mv /tmp/tls_proxy.crt /etc/nomad.d/tls/tls_proxy.crt",
"sudo mv /tmp/self_signed.key /etc/nomad.d/tls/self_signed.key",
"sudo mv /tmp/self_signed.crt /etc/nomad.d/tls/self_signed.crt",
"sudo mv /tmp/ca.crt /etc/nomad.d/tls/ca.crt",
"sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service",
]
}
}
resource "null_resource" "restart_linux_services" {
count = var.platform == "linux" ? 1 : 0
depends_on = [
null_resource.install_nomad_binary_linux,
null_resource.install_consul_configs_linux,
null_resource.install_nomad_configs_linux,
]
connection {
type = "ssh"
user = var.connection.user
host = var.instance.public_ip
port = var.connection.port
private_key = file(var.connection.private_key)
timeout = "5m"
}
provisioner "remote-exec" {
inline = [
"sudo systemctl daemon-reload",
"sudo systemctl enable consul",
"sudo systemctl restart consul",
"sudo systemctl enable nomad",
"sudo systemctl restart nomad",
]
}
}