9f05d62338
Use HCP Consul and HCP Vault for the Consul and Vault clusters used in E2E testing. This has the following benefits: * Without the need to support mTLS bootstrapping for Consul and Vault, we can simplify the mTLS configuration by leaning on Terraform instead of janky bash shell scripting. * Vault bootstrapping is no longer required, so we can eliminate even more janky shell scripting * Our E2E exercises HCP, which is important to us as an organization * With the reduction in configurability, we can simplify the Terraform configuration and drop the complicated `provision.sh`/`provision.ps1` scripts we were using previously. We can template Nomad configuration files and upload them with the `file` provisioner. * Packer builds for Linux and Windows become much simpler. tl;dr way less janky shell scripting!
12 lines
228 B
HCL
12 lines
228 B
HCL
tls {
|
|
http = true
|
|
rpc = true
|
|
|
|
ca_file = "/etc/nomad.d/tls/ca.crt"
|
|
cert_file = "/etc/nomad.d/tls/agent.crt"
|
|
key_file = "/etc/nomad.d/tls/agent.key"
|
|
|
|
verify_server_hostname = true
|
|
verify_https_client = true
|
|
}
|