51 lines
1020 B
Plaintext
51 lines
1020 B
Plaintext
server = true
|
|
bootstrap_expect = 3
|
|
|
|
ca_file = "/etc/consul.d/certs/consul-agent-ca.pem"
|
|
cert_file = "/etc/consul.d/certs/dc1-server-consul-1.pem"
|
|
key_file = "/etc/consul.d/certs/dc1-server-consul-1-key.pem"
|
|
|
|
acl {
|
|
enabled = true
|
|
default_policy = "deny"
|
|
enable_token_persistence = true
|
|
|
|
tokens {
|
|
master = "<%= @server_token %>"
|
|
agent = "<%= @server_token %>"
|
|
default = "<%= @server_token %>"
|
|
}
|
|
}
|
|
|
|
ui_config {
|
|
enabled = true
|
|
|
|
metrics_provider = "prometheus"
|
|
metrics_proxy {
|
|
base_url = "http://192.168.10.101:9090"
|
|
}
|
|
}
|
|
|
|
config_entries {
|
|
bootstrap = [
|
|
{
|
|
kind = "proxy-defaults"
|
|
name = "global"
|
|
config {
|
|
envoy_prometheus_bind_addr = "0.0.0.0:9102"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
|
|
auto_config {
|
|
authorization {
|
|
enabled = true
|
|
static {
|
|
oidc_discovery_url = "http://vault.homelab:8200/v1/identity/oidc"
|
|
bound_issuer = "http://vault.homelab:8200/v1/identity/oidc"
|
|
bound_audiences = [ "dc1" ]
|
|
}
|
|
}
|
|
}
|