|
|
|
|
@ -96,8 +96,9 @@ resource "enos_remote_exec" "update_path_controller" {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
locals {
|
|
|
|
|
audit_log_directory = "/var/log/boundary"
|
|
|
|
|
service_user = "boundary"
|
|
|
|
|
audit_log_directory = "/var/log/boundary"
|
|
|
|
|
auth_storage_directory = "/var/lib/boundary"
|
|
|
|
|
service_user = "boundary"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "enos_file" "controller_config" {
|
|
|
|
|
@ -176,11 +177,11 @@ resource "enos_remote_exec" "create_controller_audit_log_dir" {
|
|
|
|
|
for_each = toset([for idx in range(var.controller_count) : tostring(idx)])
|
|
|
|
|
|
|
|
|
|
environment = {
|
|
|
|
|
LOG_DIR = local.audit_log_directory
|
|
|
|
|
NEW_DIR = local.audit_log_directory
|
|
|
|
|
SERVICE_USER = local.service_user
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
scripts = [abspath("${path.module}/scripts/create-audit-log-dir.sh")]
|
|
|
|
|
scripts = [abspath("${path.module}/scripts/create-dir.sh")]
|
|
|
|
|
|
|
|
|
|
transport = {
|
|
|
|
|
ssh = {
|
|
|
|
|
@ -235,6 +236,7 @@ resource "enos_file" "worker_config" {
|
|
|
|
|
region = var.aws_region
|
|
|
|
|
type = jsonencode(var.worker_type_tags)
|
|
|
|
|
recording_storage_path = var.recording_storage_path
|
|
|
|
|
auth_storage_path = local.auth_storage_directory
|
|
|
|
|
audit_log_dir = local.audit_log_directory
|
|
|
|
|
hcp_boundary_cluster_id = var.hcp_boundary_cluster_id
|
|
|
|
|
vault_address = local.network_stack[var.ip_version].vault_address
|
|
|
|
|
@ -273,11 +275,31 @@ resource "enos_remote_exec" "create_worker_audit_log_dir" {
|
|
|
|
|
for_each = toset([for idx in range(var.worker_count) : tostring(idx)])
|
|
|
|
|
|
|
|
|
|
environment = {
|
|
|
|
|
LOG_DIR = local.audit_log_directory
|
|
|
|
|
NEW_DIR = local.audit_log_directory
|
|
|
|
|
SERVICE_USER = local.service_user
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
scripts = [abspath("${path.module}/scripts/create-audit-log-dir.sh")]
|
|
|
|
|
scripts = [abspath("${path.module}/scripts/create-dir.sh")]
|
|
|
|
|
|
|
|
|
|
transport = {
|
|
|
|
|
ssh = {
|
|
|
|
|
host = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "enos_remote_exec" "create_worker_auth_storage_dir" {
|
|
|
|
|
depends_on = [
|
|
|
|
|
enos_boundary_start.worker_start,
|
|
|
|
|
]
|
|
|
|
|
for_each = toset([for idx in range(var.worker_count) : tostring(idx)])
|
|
|
|
|
|
|
|
|
|
environment = {
|
|
|
|
|
NEW_DIR = local.auth_storage_directory
|
|
|
|
|
SERVICE_USER = local.service_user
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
scripts = [abspath("${path.module}/scripts/create-dir.sh")]
|
|
|
|
|
|
|
|
|
|
transport = {
|
|
|
|
|
ssh = {
|
|
|
|
|
|
Michael Li
11 months ago
committed by
GitHub