Ben Vincent
26b908e5e7
- change agentv2 to common node_pool - set default node_pool to default Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/317
54 lines
1.1 KiB
Plaintext
54 lines
1.1 KiB
Plaintext
# data_dir tends to be environment specific.
|
|
data_dir = "<%= @data_dir %>"
|
|
bind_addr = "0.0.0.0"
|
|
datacenter = "<%= scope['facts']['country'] %>-<%= scope['facts']['region'] %>"
|
|
|
|
<% if @server -%>
|
|
# Manage Servers
|
|
advertise {
|
|
http = "<%= @facts['networking']['ip'] %>"
|
|
rpc = "<%= @facts['networking']['ip'] %>"
|
|
serf = "<%= @facts['networking']['ip'] %>"
|
|
}
|
|
|
|
server {
|
|
enabled = true
|
|
bootstrap_expect = <%= @bootstrap_expect %>
|
|
}
|
|
<% end -%>
|
|
|
|
<% if @client -%>
|
|
# Manage clients/agents
|
|
client {
|
|
enabled = true
|
|
node_pool = "<%= @node_pool %>"
|
|
|
|
<%- @host_volumes.each do |volume| %>
|
|
host_volume "<%= volume['name'] %>" {
|
|
path = "<%= volume['path'] %>"
|
|
read_only = <%= volume['read_only'] %>
|
|
}
|
|
<% end %>
|
|
}
|
|
plugin "docker" {
|
|
config {
|
|
volumes {
|
|
enabled = true
|
|
}
|
|
}
|
|
}
|
|
<% end -%>
|
|
|
|
# Require TLS
|
|
tls {
|
|
http = true
|
|
rpc = true
|
|
|
|
ca_file = "/etc/pki/ca-trust/source/anchors/vaultcaroot.pem"
|
|
cert_file = "/etc/pki/tls/vault/certificate.crt"
|
|
key_file = "/etc/pki/tls/vault/private.key"
|
|
|
|
verify_server_hostname = true
|
|
verify_https_client = false
|
|
}
|