hcp-ansible/playbooks/group_vars/all/globals.yml
Bertrand Lanson 2b8faa2bf5
All checks were successful
development / Check commit compliance (push) Successful in 5s
feat: add global internal TLS option, make externally_managed_certs work
2024-08-17 16:47:38 +02:00

109 lines
2.2 KiB
YAML

---
###################
# General options #
###################
enable_ingress: "yes"
enable_vault: "yes"
enable_consul: "yes"
enable_nomad: "yes"
nomad_version: "1.8.1"
consul_version: "1.18.1"
vault_version: "1.16.2"
consul_fqdn: consul.ednz.lab
vault_fqdn: vault.ednz.lab
nomad_fqdn: nomad.ednz.lab
# hashistack_external_vip_interface: "eth0"
# hashistack_external_vip_addr: "192.168.121.100"
# hashistack_internal_vip_interface: "{{ hashistack_external_vip_interface }}"
# hashistack_internal_vip_addr: "{{ hashistack_external_vip_addr }}"
api_interface: "eth0"
api_interface_address: "{{ ansible_facts[api_interface]['ipv4']['address'] }}"
###################
# logging options #
###################
enable_log_to_file: true
########################
# external tls options #
########################
enable_tls_external: false
external_tls_externally_managed_certs: false
########################
# internal tls options #
########################
enable_tls_internal: false
internal_tls_externally_managed_certs: false
##########
# Consul #
##########
consul_domain: consul
consul_datacenter: dc1
consul_primary_datacenter: "{{ consul_datacenter }}"
consul_gossip_encryption_key: "{{ _credentials.consul.gossip_encryption_key }}"
consul_enable_script_checks: false
consul_extra_files_list: []
consul_extra_configuration: {}
consul_enable_tls: "{{ enable_tls_internal }}"
consul_log_level: info
#########
# Vault #
#########
vault_cluster_name: vault
vault_bind_addr: "0.0.0.0"
vault_cluster_addr: "{{ api_interface_address }}"
vault_enable_ui: true
vault_disable_mlock: false
vault_disable_cache: false
vault_extra_files_list: []
vault_extra_configuration: {}
vault_enable_tls: "{{ enable_tls_internal }}"
vault_enable_service_registration: "{{ enable_consul | bool }}"
vault_enable_plugins: false
vault_log_level: info
#########
# Nomad #
#########
nomad_region: global
nomad_datacenter: dc1
nomad_extra_files_list: []
nomad_extra_configuration: {}
nomad_autopilot_configuration: {}
nomad_driver_enable_docker: true
nomad_driver_enable_podman: false
nomad_driver_enable_raw_exec: false
nomad_driver_enable_java: false
nomad_driver_enable_qemu: false
nomad_driver_extra_configuration: {}
nomad_log_level: info
nomad_enable_tls: "{{ enable_tls_internal }}"