From a0c8280c02855fa2731d3f89df1dec0ae9627990 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 24 Aug 2022 16:58:09 +0200 Subject: [PATCH] Fix access to consul for non-server nodes --- gen_pki | 2 +- nix/deuxfleurs.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gen_pki b/gen_pki index c06865b..ad867fb 100755 --- a/gen_pki +++ b/gen_pki @@ -59,7 +59,7 @@ subjectAltName = @alt_names [alt_names] DNS.1 = server.$CLUSTER.$APP DNS.2 = client.$CLUSTER.$APP -DNS.3 = $APP.service.$CLUSTER.$APP +DNS.3 = $APP.service.$CLUSTER.consul DNS.4 = localhost DNS.5 = 127.0.0.1 EOF diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 0b5169f..b6d3417 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -251,7 +251,7 @@ in serf = "${cfg.cluster_ip}"; }; consul = { - address = "localhost:8501"; + address = "consul.service.prod.consul:8501"; ca_file = "/var/lib/nomad/pki/consul2022.crt"; cert_file = "/var/lib/nomad/pki/consul2022-client.crt"; key_file = "/var/lib/nomad/pki/consul2022-client.key";