tixie/nixcfg
1
0
Fork 0
forked from Deuxfleurs/nixcfg
Code Pull requests Activity

Fix access to consul for non-server nodes

Browse source
This commit is contained in:
Alex 2022-08-24 16:58:09 +02:00
parent fe1f261738
commit a0c8280c02
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gen_pki
View file

@ -59,7 +59,7 @@ subjectAltName = @alt_names
[alt_names] [alt_names]
DNS.1 = server.$CLUSTER.$APP DNS.1 = server.$CLUSTER.$APP
DNS.2 = client.$CLUSTER.$APP DNS.2 = client.$CLUSTER.$APP
DNS.3 = $APP.service.$CLUSTER.$APP DNS.3 = $APP.service.$CLUSTER.consul
DNS.4 = localhost DNS.4 = localhost
DNS.5 = 127.0.0.1 DNS.5 = 127.0.0.1
EOF EOF

2
nix/deuxfleurs.nix
View file

@ -251,7 +251,7 @@ in
serf = "${cfg.cluster_ip}"; serf = "${cfg.cluster_ip}";
}; };
consul = { consul = {
address = "localhost:8501"; address = "consul.service.prod.consul:8501";
ca_file = "/var/lib/nomad/pki/consul2022.crt"; ca_file = "/var/lib/nomad/pki/consul2022.crt";
cert_file = "/var/lib/nomad/pki/consul2022-client.crt"; cert_file = "/var/lib/nomad/pki/consul2022-client.crt";
key_file = "/var/lib/nomad/pki/consul2022-client.key"; key_file = "/var/lib/nomad/pki/consul2022-client.key";