From ddd587b0778855f2199298d96fdd51792a948ea7 Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Wed, 22 Feb 2023 11:20:48 +0100
Subject: Set up nomad, consul, vault

---
 tw/home.scm | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'tw/home.scm')

diff --git a/tw/home.scm b/tw/home.scm
index 3c957105..6968ae98 100644
--- a/tw/home.scm
+++ b/tw/home.scm
@@ -87,6 +87,23 @@ auto-expand-secmem
      ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable.
      `((".local/bin/ppscm" ,(local-file "home/files/ppscm" #:recursive? #t))))  ; pretty-print scheme files
 
+   (simple-service 'cern-ci-environment home-environment-variables-service-type
+     ;; Nomad, Consul, Vault
+     ;; Tokens are not defined here as they are stored in pass(1).
+     ;; Shell aliases to use tokens are defined in zshrc.
+     '(("NOMAD_ADDR" . "https://alinomad.cern.ch:443")
+       ("NOMAD_CACERT" . "${XDG_CONFIG_HOME}/cern-ca-bundle.crt")
+       ("NOMAD_CLIENT_CERT" . "${XDG_CONFIG_HOME}/grid-personal-cert.pem")
+       ("NOMAD_CLIENT_KEY" . "${XDG_CONFIG_HOME}/grid-personal-key.pem")
+       ("CONSUL_HTTP_ADDR" . "https://aliconsul.cern.ch:443")
+       ("CONSUL_CACERT" . "${XDG_CONFIG_HOME}/cern-ca-bundle.crt")
+       ("CONSUL_CLIENT_CERT" . "${XDG_CONFIG_HOME}/grid-personal-cert.pem")
+       ("CONSUL_CLIENT_KEY" . "${XDG_CONFIG_HOME}/grid-personal-key.pem")
+       ("VAULT_ADDR" . "https://alivault.cern.ch:443")
+       ("VAULT_CACERT" . "${XDG_CONFIG_HOME}/cern-ca-bundle.crt")
+       ("VAULT_CLIENT_CERT" . "${XDG_CONFIG_HOME}/grid-personal-cert.pem")
+       ("VAULT_CLIENT_KEY" . "${XDG_CONFIG_HOME}/grid-personal-key.pem")))
+
    (simple-service 'common-environment home-environment-variables-service-type
      `(;; Path to my own package definitions. If invoking `guix home'
        ;; afresh, this needs to be set manually to find these packages.
-- 
cgit v1.2.3