encrypt = "{{ consul_encrypt }}"
{% if consul_node_server | bool == True %}
bootstrap_expect = {{ consul_bootstrap_expect }}
+verify_incoming = true
+verify_outgoing = true
+verify_server_hostname = true
+ca_file = "{{ consul_ca_file }}"
+cert_file = "{{ consul_cert_file }}"
+key_file = "{{ consul_key_file }}"
+auto_encrypt {
+ allow_tls = true
+}
+{% else %}
+verify_incoming = false
+verify_outgoing = false
+verify_server_hostname = false
+ca_file = "{{ consul_ca_file }}"
+auto_encrypt {
+ tls = false
+}
{% endif %}
{% if consul_retry_join | bool -%}
retry_join = [ {% for ip_port in consul_retry_servers -%} "{{ ip_port }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
ui = {{ consul_ui | bool | lower }}
-ca_file = "{{ consul_ca_file }}"
-cert_file = "{{ consul_cert_file }}"
-key_file = "{{ consul_key_file }}"
-
{% if consul_recursors -%}
recursors = [ {% for server in consul_recursors -%} "{{ server }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
{%- endif %}
\ No newline at end of file
Code Review / csit.git / blobdiff