84 lines
2.3 KiB
Django/Jinja
84 lines
2.3 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
# Logging
|
|
enable_syslog = true
|
|
log_level = "INFO"
|
|
disable_update_check = true
|
|
|
|
# Basics
|
|
data_dir = "{{ consul_data_dir }}"
|
|
datacenter = "{{ datacenter_id }}"
|
|
server = {{ 'false' if consul_server else 'true' }}
|
|
ui = true
|
|
|
|
# Network
|
|
{% if consul_bootstrap_expect > 0 %}
|
|
encrypt = "{{ consul_encrypt_key }}"
|
|
{% endif %}
|
|
client_addr = "{{ consul_client_addr }}"
|
|
bind_addr = "{{ network_private_ip }}"
|
|
advertise_addr = "{{ network_private_ip }}"
|
|
retry_join = [
|
|
{% for peer in consul_servers if peer != ansible_hostname and hostvars[peer].datacenter_id == datacenter_id %}
|
|
"{{ hostvars[peer].network_private_ip }}"{{ ',' if not loop.last else '' }}
|
|
{% endfor %}
|
|
]
|
|
{% if consul_server %}
|
|
{% if consul_bootstrap_expect > 0 %}
|
|
bootstrap_expect = {{ consul_bootstrap_expect }}
|
|
{% endif %}
|
|
rejoin_after_leave = true
|
|
retry_join_wan = [
|
|
{% for peer in consul_servers if hostvars[peer].datacenter_id != datacenter_id %}
|
|
"{{ hostvars[peer].network_private_ip }}"{{ ',' if not loop.last else '' }}
|
|
{% endfor %}
|
|
]
|
|
{% endif %}
|
|
|
|
# TLS
|
|
#ports {
|
|
# https = 8501
|
|
#}
|
|
#key_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/privkey1.pem"
|
|
#cert_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/fullchain1.pem"
|
|
#ca_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/chain1.pem"
|
|
#verify_incoming = true
|
|
#verify_outgoing = true
|
|
#tls_min_version = "tls12"
|
|
|
|
# Features
|
|
enable_script_checks = true
|
|
disable_remote_exec = true
|
|
|
|
# ACLs
|
|
#{% if consul_acl_datacenter is defined and consul_acl_datacenter %}
|
|
#acl_datacenter = "{{ consul_acl_datacenter }}"
|
|
#acl_default_policy = "deny"
|
|
#acl_down_policy = "extend-cache"
|
|
#acl_agent_token = "{{ consul_acl_agent_token }}"
|
|
#acl_token = "{{ consul_acl_token }}"
|
|
#{% if datacenter_id != consul_acl_datacenter %}
|
|
#acl_replication_token = "{{ consul_acl_replication_token | default(consul_acl_master_token) }}"
|
|
#{% endif %}
|
|
#{% endif %}
|
|
|
|
# DNS
|
|
dns_config {
|
|
node_ttl = "60s"
|
|
service_ttl {
|
|
"*" = "15s"
|
|
}
|
|
}
|
|
|
|
# Metadata
|
|
node_meta {
|
|
architecture = "{{ ansible_userspace_architecture }}"
|
|
product_name = "{{ ansible_system_vendor|replace(' Inc.', '') }} {{ ansible_product_name }}"
|
|
virtualization_role = "{{ ansible_virtualization_role }}"
|
|
}
|
|
|
|
# Consul Stats
|
|
telemetry {
|
|
disable_hostname = true
|
|
}
|