feat: add a nomad agent v2 role (#293)

- excludes ceph (will be passed from incus)
- excludes frrouting (will use host-networking)

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/293

hieradata/roles/infra/nomad/agentv2.yaml

@@ -0,0 +1,55 @@
+---
+hiera_include:
+  - docker
+  - docker::networks
+  - profiles::nomad::node
+
+docker::version: latest
+docker::curl_ensure: false
+docker::root_dir: /data/docker
+docker::ip_forward: true
+#docker::ip_masq: false
+#docker::iptables: false
+
+systemd::manage_networkd: true
+systemd::manage_all_network_files: true
+networking::interfaces:
+  eth0:
+    type: physical
+    forwarding: true
+    dhcp: true
+
+profiles::packages::include:
+  nomad: {}
+  cni-plugins: {}
+
+profiles::nomad::node::client: true
+
+# additional altnames
+profiles::pki::vault::alt_names:
+  - client.global.nomad
+  - client.au-syd1.nomad
+  - nomad-client.service.consul
+  - nomad-client.query.consul
+  - "nomad-client.service.%{facts.country}-%{facts.region}.consul"
+
+# configure consul service
+profiles::consul::client::node_rules:
+  - resource: service
+    segment: nomad-client
+    disposition: write
+  - resource: agent_prefix
+    segment: ''
+    disposition: read
+  - resource: node_prefix
+    segment: ''
+    disposition: write
+  - resource: service_prefix
+    segment: ''
+    disposition: write
+  - resource: key_prefix
+    segment: "nomad"
+    disposition: write
+  - resource: session_prefix
+    segment: ""
+    disposition: write

site/roles/manifests/infra/nomad/agentv2.pp

@@ -0,0 +1,12 @@
+# a role to deploy a nomad agent, second iteration
+# using host based networking
+class roles::infra::nomad::agentv2 {
+  if $facts['firstrun'] {
+    include profiles::defaults
+    include profiles::firstrun::init
+  }else{
+    include profiles::defaults
+    include profiles::base
+    include profiles::base::datavol
+  }
+}