Docker ca #40
Docker ca #40
Conversation
| @@ -0,0 +1,128 @@ | |||
| --- | |||
There was a problem hiding this comment.
can we minimize this file, lot of unnecessary stuff
| @@ -6,6 +6,7 @@ variable "private_key" {} | |||
| variable "ca_cert_pem" {} | |||
| variable "validity_period_hours" {} | |||
| variable "early_renewal_hours" {} | |||
| variable "user" {} | |||
There was a problem hiding this comment.
seems like we should provide some defaults for these so we dont have to inject them all the time -
would provide defaults for validity_period_hours , validity_period_hours and user
|
migrating terraform bit to https://github.com/Capgemini/tf_tls/tree/master/docker |
| @@ -82,6 +83,30 @@ module "admin_cert" { | |||
| ca_private_key_pem = "${module.ca.ca_private_key_pem}" | |||
| } | |||
|
|
|||
| module "docker_daemon_certs" { | |||
| source = "github.com/Capgemini/tf_tls//docker/daemon" | |||
There was a problem hiding this comment.
could these be done in 1-shot by just pointing to /docker and putting a TF file in the top level directory that calls down to both daemon+client to avoid repeating yourself here?
There was a problem hiding this comment.
I like to have ability and granularity to configure both daemon and client by separate, otherwise you'll be assuming ip_addresses_list or count is same for both which it isn't necessarily
No description provided.