{%- from "vault/map.jinja" import vault with context -%} {%- if vault.backend and vault.backend.type == "s3" %} backend "s3" { bucket = "{{ vault.backend.bucket }}" } {% endif -%} listener "{{ vault.listen_protocol }}" { address = "{{ vault.listen_address }}:{{ vault.listen_port }}" tls_disable = {{ vault.tls_disable }} {% if vault.self_signed_cert.enabled %} tls_cert_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}.pem" tls_key_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}-nopass.key" {% else %} {%- if vault.tls_cert_file %} tls_cert_file = "{{ vault.tls_cert_file }}" {% endif -%} {%- if vault.tls_key_file %} tls_key_file = "{{ vault.tls_key_file }}" {% endif -%} {% endif %} } default_lease_ttl="{{ vault.default_lease_ttl }}" max_lease_ttl="{{ vault.max_lease_ttl }}"