Cleanup credentials and db use

2025-05-25 18:01:47 +10:00
parent ffbd240453
commit 376c278c11
5 changed files with 44 additions and 13 deletions
--- a/2-nomad-config/authelia.tf
+++ b/2-nomad-config/authelia.tf
@@ -2,11 +2,23 @@ resource "nomad_job" "authelia" {
  jobspec = file("authelia.nomad.hcl")
 }

+resource "postgresql_role" "authelia" {
+  name     = "authelia"
+  password = data.sops_file.secrets.data["authelia.database_pw"]
+  login    = true
+}
+
+resource "postgresql_database" "authelia" {
+  name  = "authelia"
+  owner = postgresql_role.authelia.name
+}
+
 resource "nomad_variable" "authelia" {
  path = "nomad/jobs/authelia"
  items = {
    session_secret = data.sops_file.secrets.data["authelia.session_secret"]
    jwt_secret     = data.sops_file.secrets.data["authelia.jwt_secret"]
    encryption_key = data.sops_file.secrets.data["authelia.encryption_key"]
+    database_pw    = data.sops_file.secrets.data["authelia.database_pw"]
  }
 }