Ben Vincent
6fc5829fce
- merge consul/vault nginx proxy into single class - replace nginx proxy classes for consul/vault with simpleproxy class
35 lines
1.0 KiB
YAML
35 lines
1.0 KiB
YAML
---
|
|
profiles::consul::server::members_lookup: true
|
|
profiles::consul::server::data_dir: /data/consul
|
|
profiles::consul::server::addresses:
|
|
dns: "%{::networking.ip}"
|
|
http: "%{::networking.ip}"
|
|
https: "%{::networking.ip}"
|
|
grpc: "%{::networking.ip}"
|
|
grpc_tls: "%{::networking.ip}"
|
|
profiles::consul::server::ports:
|
|
dns: 8600
|
|
http: 8500
|
|
https: -1
|
|
profiles::consul::server::acl:
|
|
enabled: true
|
|
default_policy: 'deny'
|
|
down_policy: 'extend-cache'
|
|
tokens:
|
|
initial_management: "%{alias('profiles::consul::server::acl_tokens_initial_management')}"
|
|
default: "%{alias('profiles::consul::server::acl_tokens_default')}"
|
|
|
|
# additional altnames
|
|
profiles::pki::vault::alt_names:
|
|
- consul.main.unkin.net
|
|
- consul.service.consul
|
|
- consul
|
|
|
|
# manage a simple nginx reverse proxy
|
|
profiles::nginx::simpleproxy::nginx_vhost: 'consul.service.consul'
|
|
profiles::nginx::simpleproxy::nginx_aliases:
|
|
- consul
|
|
- consul.main.unkin.net
|
|
profiles::nginx::simpleproxy::proxy_port: 8500
|
|
profiles::nginx::simpleproxy::proxy_path: '/'
|