renew_nomad_certificates/defaults/main.yml

23 lines
966 B
YAML

---
# defaults file for renew_nomad_certificates
renew_nomad_certificates_config_dir: /etc/consul-template.d/nomad
renew_nomad_certificates_nomad_user: nomad
renew_nomad_certificates_nomad_group: nomad
renew_nomad_certificates_vault_addr: "https://vault.example.com"
renew_nomad_certificates_vault_token: mysupersecretnomadtokenthatyoushouldchange
renew_nomad_certificates_vault_token_unwrap: false
renew_nomad_certificates_vault_token_renew: true
renew_nomad_certificates_ca_dest: /opt/nomad/tls/ca.pem
renew_nomad_certificates_cert_dest: /opt/nomad/tls/cert.pem
renew_nomad_certificates_key_dest: /opt/nomad/tls/key.pem
renew_nomad_certificates_info:
issuer_path: pki/issue/your-issuer
common_name: nomad01.example.com
ttl: 90d
is_server: false
is_client: false
include_nomad_service: false
renew_nomad_certificates_nomad_dc_name: dc1.nomad
renew_nomad_certificates_nomad_service_name: nomad.service.nomad
renew_nomad_certificates_start_service: false