infra/ansible/roles/vault_server/templates/vault.hcl.j2
2022-11-05 22:11:23 -04:00

23 lines
695 B
Django/Jinja

ui = true
listener "tcp" {
address = "127.0.0.1:8200"
tls_cert_file = "/etc/vault.d/certs/vault.pem"
tls_key_file = "/etc/vault.d/certs/vault.key"
}
listener "tcp" {
address = "{{ ansible_default_ipv4.address }}:8200"
tls_cert_file = "/etc/vault.d/certs/vault.pem"
tls_key_file = "/etc/vault.d/certs/vault.key"
}
api_addr = "https://{{ ansible_default_ipv4.address }}:8200"
cluster_addr = "https://{{ ansible_default_ipv4.address }}:8201"
storage "consul" {
address = "localhost:8500"
path = "vault/"
token = "{{ lookup('hashi_vault', 'secret=kv/data/vault:consul-acl ca_cert=/etc/pki/certs/MaskedName_Root_CA.crt') }}"
}