--- # file: roles/consul/defaults/main.yaml # Inst - Prerequisites. packages: "{{ packages_base + packages_by_distro[ansible_distribution | lower] + packages_by_arch[ansible_machine] }}" packages_base: - "curl" - "unzip" packages_by_distro: ubuntu: - [] packages_by_arch: aarch64: - [] x86_64: - [] # Inst - Consul Map. consul_architecture_map: amd64: "amd64" x86_64: "amd64" armv7l: "arm" aarch64: "arm64" 32-bit: "386" 64-bit: "amd64" consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}" consul_version: "1.12.2" consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip" consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}" consul_force_update: false # Inst - System paths. consul_bin_dir: "/usr/local/bin" consul_config_dir: "/etc/consul.d" consul_data_dir: "/var/consul" consul_inst_dir: "/opt" consul_lockfile: "/var/lock/subsys/consul" consul_run_dir: "/var/run/consul" consul_ssl_dir: "/etc/consul.d/ssl" # Conf - Service. consul_node_role: "both" consul_restart_handler_state: "restarted" nomad_restart_handler_state: "restarted" systemd_resolved_state: "stopped" consul_service_mgr: "" # Conf - User and group. consul_group: "consul" consul_group_state: "present" consul_user: "consul" consul_user_state: "present" # Conf - base.hcl consul_bind_addr: "{{ ansible_default_ipv4.address }}" consul_client_addr: "0.0.0.0" consul_datacenter: "dc1" consul_disable_update_check: true consul_enable_debug: false consul_enable_syslog: true consul_log_level: "INFO" consul_node_name: "{{ inventory_hostname }}" consul_retry_join: true consul_bootstrap_expect: 2 consul_encrypt: "" consul_ca_file: "{{ consul_ssl_dir }}/ca.pem" consul_cert_file: "{{ consul_ssl_dir }}/consul.pem" consul_key_file: "{{ consul_ssl_dir }}/consul-key.pem" consul_verify_incoming: false consul_verify_outgoing: false consul_vefify_server_hostname: false consul_allow_tls: false consul_ui_config: enabled: true consul_recursors: - 1.1.1.1 - 8.8.8.8 consul_certificates: - src: "{{ file_consul_ca_pem }}" dest: "{{ consul_ca_file }}" - src: "{{ file_consul_server_0_pem }}" dest: "{{ consul_cert_file }}" - src: "{{ file_consul_server_0_key_pem }}" dest: "{{ consul_key_file }}" # Conf - ports.hcl consul_port_dns: 53 consul_port_http: 8500 consul_port_https: 8501 consul_port_grpc: 8502 consul_port_serf_lan: 8301 consul_port_serf_wan: 8302 consul_port_server: 8300 # Conf - services.json consul_services: false