--- profiles::consul::server::members_lookup: true profiles::consul::server::data_dir: /data/consul profiles::consul::server::addresses: dns: "%{::networking.ip}" http: "%{::networking.ip}" https: "%{::networking.ip}" grpc: "%{::networking.ip}" grpc_tls: "%{::networking.ip}" profiles::consul::server::ports: dns: 8600 http: 8500 https: -1 profiles::consul::server::acl: enabled: true default_policy: 'deny' down_policy: 'extend-cache' tokens: initial_management: "%{alias('profiles::consul::server::acl_tokens_initial_management')}" default: "%{alias('profiles::consul::server::acl_tokens_default')}" replication: "%{alias('profiles::consul::server::acl_tokens_replication')}" # additional altnames profiles::pki::vault::alt_names: - consul.main.unkin.net - consul.service.consul - consul # manage a simple nginx reverse proxy profiles::nginx::simpleproxy::nginx_vhost: 'consul.service.consul' profiles::nginx::simpleproxy::nginx_aliases: - consul - consul.main.unkin.net profiles::nginx::simpleproxy::proxy_port: 8500 profiles::nginx::simpleproxy::proxy_path: '/' profiles::consul::prepared_query::rules: vault: ensure: 'present' service_name: 'vault' service_failover_n: 3 service_only_passing: true ttl: 10 puppet: ensure: 'present' service_name: 'puppet' service_failover_n: 3 service_only_passing: true ttl: 10 puppetca: ensure: 'present' service_name: 'puppetca' service_failover_n: 3 service_only_passing: true ttl: 10 edgecache: ensure: 'present' service_name: 'edgecache' service_failover_n: 3 service_only_passing: true ttl: 10 puppetdbapi: ensure: 'present' service_name: 'puppetdbapi' service_failover_n: 3 service_only_passing: true ttl: 10 puppetboard: ensure: 'present' service_name: 'puppetboard' service_failover_n: 3 service_only_passing: true ttl: 10 git: ensure: 'present' service_name: 'git' service_failover_n: 3 service_only_passing: true ttl: 10