feat: deploy consul services

- add vault.service.consul

hieradata/common.yaml

@@ -63,6 +63,15 @@ lookup_options:
   profiles::dns::master::keys:
     merge:
       strategy: deep
+  consul::services:
+    merge:
+      strategy: deep
+  consul::watch:
+    merge:
+      strategy: deep
+  consul::check:
+    merge:
+      strategy: deep
 
 facts_path: '/opt/puppetlabs/facter/facts.d'
 

hieradata/country/au/region/syd1/infra/storage/vault.yaml

@@ -1,2 +1,18 @@
 ---
 profiles::vault::server::primary_datacenter: 'au-syd1'
+consul::services:
+  vault:
+    service_name: 'vault'
+    tags:
+      - 'https'
+      - 'secure'
+    address: "%{facts.networking.ip}"  # Dynamically set from the networking facts
+    port: 443
+    checks:
+      - check_id: 'vault_https_check'
+        name: 'Vault HTTPS Check'
+        http: "https://%{facts.networking.fqdn}:443/v1/sys/health"
+        method: 'GET'
+        tls_skip_verify: true  # Set to false in production for security
+        interval: '10s'
+        timeout: '1s'