35 lines
995 B
HCL
35 lines
995 B
HCL
listener "{{ config.listen_protocol }}" {
|
|
address = "{{ config.listen_address }}:{{ config.listen_port }}"
|
|
tls_disable = {{ config.tls_disable }}
|
|
{%- if self_signed_cert.enabled %}
|
|
tls_cert_file = "/etc/vault/{{ self_signed_cert.hostname }}.pem"
|
|
tls_key_file = "/etc/vault/{{ self_signed_cert.hostname }}-nopass.key"
|
|
{% else -%}
|
|
{%- if config.tls_cert_file %}
|
|
tls_cert_file = "{{ config.tls_cert_file }}"
|
|
{%- endif -%}
|
|
{%- if config.tls_key_file %}
|
|
tls_key_file = "{{ config.tls_key_file }}"
|
|
{% endif -%}
|
|
{% endif -%}
|
|
}
|
|
|
|
{%- if config.backend and config.backend.type == "s3" %}
|
|
backend "s3" {
|
|
bucket = "{{ config.backend.bucket }}"
|
|
}
|
|
{% endif -%}
|
|
|
|
{%- if config.storage and config.storage.type == "consul" %}
|
|
storage "consul" {
|
|
address = "{{ config.storage.address }}"
|
|
path = "{{ config.storage.path }}"
|
|
}
|
|
{%- else %}
|
|
storage "file" {
|
|
path = "{{ config.data_dir }}"
|
|
}
|
|
{% endif %}
|
|
|
|
default_lease_ttl="{{ config.default_lease_ttl }}"
|
|
max_lease_ttl="{{ config.max_lease_ttl }}"
|