Ben Vincent
6a04701891
- add basic infra::incus role - add autossl, consul and ssh-principals for incus Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/229
34 lines
813 B
YAML
34 lines
813 B
YAML
---
|
|
profiles::pki::vault::alt_names:
|
|
- incus.service.consul
|
|
- incus.query.consul
|
|
- "incus.service.%{facts.country}-%{facts.region}.consul"
|
|
|
|
profiles::ssh::sign::principals:
|
|
- incus.service.consul
|
|
- incus.query.consul
|
|
- "incus.service.%{facts.country}-%{facts.region}.consul"
|
|
|
|
# configure consul service
|
|
consul::services:
|
|
incus:
|
|
service_name: 'incus'
|
|
tags:
|
|
- 'incus'
|
|
- 'container'
|
|
- 'lxd'
|
|
address: "%{facts.networking.ip}"
|
|
port: 8443
|
|
checks:
|
|
- id: 'incus_https_check'
|
|
name: 'incus HTTPS Check'
|
|
http: "https://%{facts.networking.fqdn}:8443"
|
|
method: 'GET'
|
|
tls_skip_verify: true
|
|
interval: '10s'
|
|
timeout: '1s'
|
|
profiles::consul::client::node_rules:
|
|
- resource: service
|
|
segment: incus
|
|
disposition: write
|