ansible/roles/consul/templates/etc_consul.d_00-base_config.hcl.j2
2025-10-10 11:07:34 +00:00


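# {{ ansible_managed }}
# Logging
enable_syslog = true
log_level = "INFO"
# Skip the periodic check for newer Consul releases.
disable_update_check = true
# Basics
data_dir = "{{ consul_data_dir }}"
datacenter = "{{ datacenter_id }}"
# Server mode follows consul_server. The server-only settings further down
# (bootstrap_expect, rejoin_after_leave, retry_join_wan) are emitted when
# consul_server is true, so this flag has to be true in the same case.
server = {{ 'true' if consul_server else 'false' }}
# NOTE(review): the web UI is served from the agent's HTTP interface. TLS and
# ACLs are both commented out in this template, so confirm who can reach
# client_addr before leaving the UI enabled on every node.
ui = true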
# Network
# NOTE(review): the gossip encryption key is written only when
# consul_bootstrap_expect > 0. Every agent in an encrypted gossip pool needs
# the same key, so confirm that variable is above zero on clients and on
# non-bootstrap servers as well; otherwise those agents render without a key.
{% if consul_bootstrap_expect > 0 %}
encrypt = "{{ consul_encrypt_key }}"
{% endif %}
# Address the client interfaces (HTTP API, DNS) listen on.
# NOTE(review): TLS and ACLs are not enabled in this template, so confirm this
# resolves to a loopback or otherwise restricted address.
client_addr = "{{ consul_client_addr }}"
# Cluster traffic is bound to and advertised on the private address.
bind_addr = "{{ network_private_ip }}"
advertise_addr = "{{ network_private_ip }}"
# LAN join targets: every host in consul_servers that is in this datacenter,
# excluding this host itself.
retry_join = [
{% for peer in consul_servers if peer != ansible_hostname and hostvars[peer].datacenter_id == datacenter_id %}
"{{ hostvars[peer].network_private_ip }}"{{ ',' if not loop.last else '' }}
{% endfor %}
]
# Server-only settings.
{% if consul_server %}
{% if consul_bootstrap_expect > 0 %}
bootstrap_expect = {{ consul_bootstrap_expect }}
{% endif %}
rejoin_after_leave = true
# WAN join targets: hosts in consul_servers that belong to a different datacenter.
retry_join_wan = [
{% for peer in consul_servers if hostvars[peer].datacenter_id != datacenter_id %}
"{{ hostvars[peer].network_private_ip }}"{{ ',' if not loop.last else '' }}
{% endfor %}
]
{% endif %}
# TLS
# Every setting in this section is commented out, so the rendered config
# enables no HTTPS port and no certificate verification.
# The hostname expressions below are still expanded by the template engine,
# because the leading hash is an HCL comment only.
# NOTE(review): before enabling, verify the file names. certbot's live
# directory normally holds privkey.pem, fullchain.pem and chain.pem, while
# numbered files are kept under archive.
# NOTE(review): with verify_incoming, ca_file decides which client
# certificates are accepted. A public CA chain there would accept any
# certificate that CA has issued, so a private CA is the usual choice.
#ports {
# https = 8501
#}
#key_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/privkey1.pem"
#cert_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/fullchain1.pem"
#ca_file = "/etc/letsencrypt/live/{{ ansible_hostname }}.maruntiel.net/chain1.pem"
#verify_incoming = true
#verify_outgoing = true
#tls_min_version = "tls12"
# Features
# NOTE(review): enable_script_checks accepts script checks however they are
# registered, including through the HTTP API. ACLs and TLS are not enabled in
# this template, so anything that can reach client_addr can register a check
# that runs a command on the node. Consider enable_local_script_checks, which
# only honours script checks defined in local config files; confirm that the
# deployed Consul version supports it.
enable_script_checks = true
# Remote exec stays disabled.
disable_remote_exec = true
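# ACLs
# ACL enforcement is not configured by this template. The reference settings
# are kept inside a template-level comment rather than behind HCL hashes: a
# leading hash does not stop the template engine, so the old form still
# evaluated the conditionals and wrote the ACL token values into comments in
# the rendered file whenever consul_acl_datacenter was set. To enable ACLs,
# remove the two comment delimiter lines around the block.
# NOTE(review): these are the legacy top-level acl_* keys; newer Consul
# releases configure ACLs in an acl block. Confirm against the deployed
# version before enabling.
{#
{% if consul_acl_datacenter is defined and consul_acl_datacenter %}
acl_datacenter = "{{ consul_acl_datacenter }}"
acl_default_policy = "deny"
acl_down_policy = "extend-cache"
acl_agent_token = "{{ consul_acl_agent_token }}"
acl_token = "{{ consul_acl_token }}"
{% if datacenter_id != consul_acl_datacenter %}
acl_replication_token = "{{ consul_acl_replication_token | default(consul_acl_master_token) }}"
{% endif %}
{% endif %}
#}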
# DNS
# TTLs returned with DNS answers: 60 seconds for node lookups and
# 15 seconds for every service (wildcard entry).
dns_config {
  node_ttl = "60s"

  service_ttl {
    "*" = "15s"
  }
}
# Metadata
# Node metadata taken from Ansible facts. The vendor fact has a literal
# " Inc." removed before it is joined with the product name.
node_meta {
  architecture        = "{{ ansible_userspace_architecture }}"
  product_name        = "{{ ansible_system_vendor | replace(' Inc.', '') }} {{ ansible_product_name }}"
  virtualization_role = "{{ ansible_virtualization_role }}"
}
# Consul Stats
# Metric names are emitted without the node hostname prefix.
telemetry {
  disable_hostname = true
}