HuehnerCloud/cloud-environments-example
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ba33c5b5d3
cloud-environments-example/roles/vault/defaults/main.yml
lhahn ba33c5b5d3 Git initial commit
2023-08-20 11:13:16 +02:00

50 lines
1.1 KiB
YAML
Executable File
Raw Blame History

---
cloud_apps: /opt
cloud_storage: /opt/storage
cloud_stage: prod
cloud_update: false
vault_source: https://releases.hashicorp.com/vault
vault_version: 1.9.3
vault_arch: linux_amd64
vault_pid: "{{ cloud_apps }}/vault/vault.pid"
vault_ui: "true"
vault_no_mlock: "false"
vault_port: 8200
vault_listener: 127.0.0.1
vault_api_addr: "http://{{ vault_listener }}:{{ vault_port }}"
vault_cluster_addr: ""
vault_cluster_name: "vault"
vault_storage:
storage: "storage"
type: "file"
conf: |
path = "{{ vault_home }}/data"
vault_listener_tcp:
address: "{{ vault_listener }}:{{ vault_port }}"
tls_disable: "true"
proxy_protocol_behavior: "{{ vault_proxy_behaviour }}"
vault_config_options:
max_lease_ttl: "10h"
default_lease_ttl: "10h"
vault_config_blocks:
- conf: telemetry
type:
options: |
prometheus_retention_time = "30s"
disable_hostname = true
# required only, when vault_proxy_behaviour is e.g. set to allow_authorized
# see https://www.vaultproject.io/docs/configuration/listener/tcp#proxy_protocol_authorized_addrs
vault_proxy_authorised_addr: []
vault_proxy_behaviour: use_always
Reference in New Issue View Git Blame Copy Permalink