X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=blobdiff_plain;f=fdio.infra.ansible%2Froles%2Fconsul%2Ftemplates%2Fbase.hcl.j2;h=15104b271073c2b7c729a4e8763583185210cf2b;hp=dab43fb3fc4eaf3af11bba9e26d93d48bc14e6df;hb=7b626e1a708fe5abab70a54bb74ade6e6b7f4d91;hpb=a8dc69c48e909384348d2d6d8aaa856c1e8e740d

diff --git a/fdio.infra.ansible/roles/consul/templates/base.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
index dab43fb3fc..15104b2710 100644
--- a/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
+++ b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
@@ -14,22 +14,22 @@ server = {{ consul_node_server | bool | lower }}
 encrypt = "{{ consul_encrypt }}"
 {% if consul_node_server | bool == True %}
 bootstrap_expect = {{ consul_bootstrap_expect }}
-verify_incoming = false
-verify_outgoing = false
-verify_server_hostname = false
+verify_incoming = {{ consul_verify_incoming | bool | lower }}
+verify_outgoing = {{ consul_verify_outgoing | bool | lower }}
+verify_server_hostname = {{ consul_vefify_server_hostname | bool | lower }}
 ca_file = "{{ consul_ca_file }}"
 cert_file = "{{ consul_cert_file }}"
 key_file = "{{ consul_key_file }}"
 auto_encrypt {
-  allow_tls = false
+  allow_tls = {{ consul_allow_tls | bool | lower }}
 }
 {% else %}
-verify_incoming = false
-verify_outgoing = false
-verify_server_hostname = false
+verify_incoming = {{ consul_verify_incoming | bool | lower }}
+verify_outgoing = {{ consul_verify_outgoing | bool | lower }}
+verify_server_hostname = {{ consul_vefify_server_hostname | bool | lower }}
 ca_file = "{{ consul_ca_file }}"
 auto_encrypt {
-  tls = false
+  tls = {{ consul_allow_tls | bool | lower }}
 }
 {% endif %}
 {% if consul_retry_join | bool -%}