fix: move primary_datacenter to region/role
- set syd1 as primary consul datacentre - add consul.service.consul zone - add nginx reverse proxy for consul webui - set dns zones/acls/views/keys to be deep merged from hiera - update default token - add consul/consul.service.consul/consul.main.unkin.net to vault cert
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
---
|
||||
profiles::consul::server::members_lookup: true
|
||||
profiles::consul::server::data_dir: /data/consul
|
||||
profiles::consul::server::primary_datacenter: 'au-drw1'
|
||||
profiles::consul::server::addresses:
|
||||
dns: "%{::networking.ip}"
|
||||
http: "%{::networking.ip}"
|
||||
@@ -19,3 +18,9 @@ profiles::consul::server::acl:
|
||||
tokens:
|
||||
initial_management: "%{alias('profiles::consul::server::acl_tokens_initial_management')}"
|
||||
default: "%{alias('profiles::consul::server::acl_tokens_default')}"
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- consul.main.unkin.net
|
||||
- consul.service.consul
|
||||
- consul
|
||||
|
||||
Reference in New Issue
Block a user