Switch dovecot to bottin2 & put secret in own consul key

This commit is contained in:
Alex 2020-02-11 22:42:28 +01:00
parent a552f67e94
commit cd6da5d52f
2 changed files with 14 additions and 8 deletions

View file

@ -1,6 +1,6 @@
hosts = bottin.service.2.cluster.deuxfleurs.fr hosts = bottin2.service.2.cluster.deuxfleurs.fr
dn = cn=<username>,dc=deuxfleurs,dc=fr dn = {{ key "secrets/email/dovecot/ldap_binddn" | trimSpace }}
dnpass = <password> dnpass = {{ key "secrets/email/dovecot/ldap_bindpwd" | trimSpace }}
base = dc=deuxfleurs,dc=fr base = dc=deuxfleurs,dc=fr
scope = subtree scope = subtree
user_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=deuxfleurs,dc=fr))) user_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=deuxfleurs,dc=fr)))

View file

@ -131,6 +131,17 @@ job "email" {
} }
} }
artifact {
source = "http://127.0.0.1:8500/v1/kv/configuration/email/dovecot/dovecot-ldap.conf.tpl?raw"
destination = "secrets/conf/dovecot-ldap.conf.tpl"
mode = "file"
}
template {
source = "secrets/conf/dovecot-ldap.conf.tpl"
destination = "secrets/conf/dovecot-ldap.conf"
perms = "400"
}
template { template {
data = "{{ key \"configuration/email/dovecot/dovecot.crt\" }}" data = "{{ key \"configuration/email/dovecot/dovecot.crt\" }}"
destination = "secrets/ssl/certs/dovecot.crt" destination = "secrets/ssl/certs/dovecot.crt"
@ -141,11 +152,6 @@ job "email" {
destination = "secrets/ssl/private/dovecot.key" destination = "secrets/ssl/private/dovecot.key"
perms = "400" perms = "400"
} }
template {
data = "{{ key \"configuration/email/dovecot/dovecot-ldap.conf\" }}"
destination = "secrets/conf/dovecot-ldap.conf"
perms = "400"
}
} }
} }