hcp-ansible/playbooks/group_vars/all/all.yml

83 lines
2.8 KiB
YAML
Raw Permalink Normal View History

---
##################
# helper options #
##################
manage_pip_packages_allow_break_system_packages: >-
{{
(ansible_distribution == 'Debian' and (ansible_distribution_version|int) >= 12)
or (ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version|int) >= 24)
}}
2024-08-17 12:05:44 +00:00
hashistack_configuration_directory: "{{ lookup('env', 'PWD') }}/etc/hashistack"
hashistack_sub_configuration_directories:
secrets: "{{ hashistack_configuration_directory }}/secrets"
certificates: "{{ hashistack_configuration_directory }}/certificates"
nomad_servers: "{{ hashistack_configuration_directory }}/nomad_servers"
vault_servers: "{{ hashistack_configuration_directory }}/vault_servers"
consul_servers: "{{ hashistack_configuration_directory }}/consul_servers"
2024-08-17 12:05:44 +00:00
hashistack_configuration_global_vars_file: "globals.yml"
hashistack_configuration_credentials_vars_file: "credentials.yml"
hashistack_remote_config_dir: "/etc/hashistack"
2024-08-17 12:05:44 +00:00
hashistack_remote_log_dir: "/var/log/hashistack"
###################
# support options #
################# #
hashistack_supported_distributions:
- ubuntu
- debian
hashistack_supported_distribution_versions:
debian:
- "11"
- "12"
ubuntu:
- "20.04"
- "22.04"
- "24.04"
preflight_enable_host_ntp_checks: true
haproxy_required_ports: [80, 443]
vault_required_ports: [8200, 8201]
consul_required_ports: [8300, 8301, 8302, 8500, 8501, 8502, 8503, 8600]
nomad_required_ports: [4646, 4647, 4648]
target: all, !deployment
2024-08-29 18:13:45 +00:00
#############################################################
# consul -- DO NOT TWEAK UNLESS YOU KNOW WHAT YOU ARE DOING #
#############################################################
consul_init_server: "{{ (inventory_hostname == groups['consul_servers'][0]) | bool }}"
consul_api_addr: "{{ consul_api_scheme }}://{{ api_interface_address }}:{{ consul_api_port[consul_api_scheme] }}"
consul_api_scheme: "{{ 'https' if consul_enable_tls else 'http' }}"
consul_api_port:
http: 8500
https: 8501
consul_grpc_port:
http: 8502
https: 8503
############################################################
# nomad -- DO NOT TWEAK UNLESS YOU KNOW WHAT YOU ARE DOING #
############################################################
nomad_init_server: "{{ (inventory_hostname == groups['nomad_servers'][0]) | bool }}"
nomad_api_addr: "{{ nomad_api_scheme }}://{{ api_interface_address }}:{{ nomad_api_port[nomad_api_scheme] }}"
nomad_api_scheme: "{{ 'https' if nomad_enable_tls else 'http' }}"
nomad_api_port:
http: "{{ nomad_address_configuration.ports.http }}"
https: "{{ nomad_address_configuration.ports.http }}"
############################################################
# vault -- DO NOT TWEAK UNLESS YOU KNOW WHAT YOU ARE DOING #
############################################################
vault_init_server: "{{ (inventory_hostname == groups['vault_servers'][0]) | bool }}"