temp stand-in encryption still needs to be valid base64 😝

internetarchive · Mar 13, 2024 · 00f3403 · 00f3403
1 parent a099662
commit 00f3403
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 5 deletions.
diff --git a/bin/bootstrap.sh b/bin/bootstrap.sh
@@ -49,7 +49,7 @@ if [ ! $FIRST ]; then
   done
   set -e
 
-  consul keygen | tr -d ^ | podman secret create HIND_C -
+  consul keygen                          | tr -d ^ | podman secret create HIND_C -
   nomad operator gossip keyring generate | tr -d ^ | podman secret create HIND_N -
 
   export   NOMAD_TOKEN=$(fgrep 'Secret ID' /tmp/bootstrap |cut -f2- -d= |tr -d ' ')

diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
@@ -9,8 +9,8 @@ if [ ! -e /opt/nomad/data/plugins ]; then
   exit 0
 fi
 
-sed -i "s/RUNTIME_REPLACED/$HIND_C/" $CONSUL_HCL
-sed -i "s/RUNTIME_REPLACED/$HIND_N/"  $NOMAD_HCL
+sed -i "s/cafe-facade/$HIND_C/" $CONSUL_HCL
+sed -i "s/cafe-facade/$HIND_N/"  $NOMAD_HCL
 
 # set for `nomad run` of jobs with `podman` driver
 podman system service -t 0 & # xxx prolly add into supervisord for autorestart

diff --git a/etc/consul.hcl b/etc/consul.hcl
@@ -11,4 +11,4 @@ limits {
 }
 
 # setup for 2+ VMs to have their consul daemons be able to talk to each other
-encrypt = "RUNTIME_REPLACED"
+encrypt = "cafe-facade"
diff --git a/etc/nomad.hcl b/etc/nomad.hcl
@@ -44,5 +44,5 @@ server {
   }
 
   # setup for 2+ VMs to have their nomad daemons be able to talk to each other
-  encrypt = "RUNTIME_REPLACED"
+  encrypt = "cafe-facade"
 }