formula-vault/vault/files/server.hcl.jinja
2017-04-11 09:55:31 -05:00

27 lines
816 B
Django/Jinja

{% from "vault/map.jinja" import vault with context %}
{% if vault.s3_backend %}
backend "s3" {
bucket = "{{ vault.s3_backend.bucket }}"
}
{% endif %}
listener "{{ vault.listen_protocol }}" {
address = "{{ vault.listen_address }}:{{ vault.listen_port }}"
tls_disable = {{ vault.strict_tls }}
{% if vault.self_signed_cert.enabled %}
tls_cert_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}.pem"
tls_key_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}-nopass.key"
{% else %}
{% if vault.tls_cert_file %}
tls_cert_file = "{{ vault.tls_cert_file }}"
{% endif %}
{% if vault.tls_key_file %}
tls_key_file = "{{ vault.tls_cert_file }}"
{% endif %}
{% endif %}
}
#todo parameterize
default_lease_ttl="{{ vault.default_lease_ttl }}"
max_lease_ttl="{{ vault.max_lease_ttl }}"