|
78 | 78 | "verify_server_hostname": {{ consul_tls_verify_server_hostname | bool | to_json }}, |
79 | 79 | {% endif %} |
80 | 80 |
|
81 | | - {## ACLs ##} |
82 | | - {% if consul_acl_enable %} |
83 | | - {% if consul_acl_token | trim != '' %} |
84 | | - "acl_token": "{{ consul_acl_token }}", |
85 | | - {% endif %} |
86 | | - {% if consul_acl_agent_token | trim != '' %} |
87 | | - "acl_agent_token": "{{ consul_acl_agent_token }}", |
88 | | - {% endif %} |
89 | | - {% if consul_acl_agent_master_token | trim != '' %} |
90 | | - "acl_agent_master_token": "{{ consul_acl_agent_master_token }}", |
91 | | - {% endif %} |
92 | | - "acl_ttl": "{{ consul_acl_ttl }}", |
93 | | - "acl_datacenter": "{{ consul_acl_datacenter }}", |
94 | | - "acl_down_policy": "{{ consul_acl_down_policy }}", |
95 | | - {% endif %} |
96 | | - |
97 | 81 | {## LAN Join ##} |
98 | 82 | "retry_interval": "{{ consul_retry_interval }}", |
99 | 83 | "retry_max": {{ consul_retry_max | int }}, |
|
109 | 93 |
|
110 | 94 | {# Client Settings #} |
111 | 95 | {% if (item.config_version == 'client') %} |
| 96 | + {## ACLs ##} |
| 97 | + {% if consul_acl_enable %} |
| 98 | + {% if consul_version is version_compare('1.4.0', '>=') %} |
| 99 | + "primary_datacenter": "{{ consul_acl_datacenter }}", |
| 100 | + "acl": { |
| 101 | + "enabled": true, |
| 102 | + "default_policy": "{{ consul_acl_default_policy }}", |
| 103 | + "down_policy": "{{ consul_acl_down_policy }}", |
| 104 | + "token_ttl": "{{ consul_acl_ttl }}", |
| 105 | + "tokens": { |
| 106 | + {% if consul_acl_token | trim != '' %} |
| 107 | + "default": "{{ consul_acl_token }}", |
| 108 | + {% endif %} |
| 109 | + {% if consul_acl_agent_token | trim != '' %} |
| 110 | + "agent": "{{ consul_acl_agent_token }}", |
| 111 | + {% endif %} |
| 112 | + {% if consul_acl_agent_master_token | trim != '' %} |
| 113 | + "agent_master": "{{ consul_acl_agent_master_token }}", |
| 114 | + {% endif %} |
| 115 | + } |
| 116 | + }, |
| 117 | + {% else %} |
| 118 | + {% if consul_acl_token | trim != '' %} |
| 119 | + "acl_token": "{{ consul_acl_token }}", |
| 120 | + {% endif %} |
| 121 | + {% if consul_acl_agent_token | trim != '' %} |
| 122 | + "acl_agent_token": "{{ consul_acl_agent_token }}", |
| 123 | + {% endif %} |
| 124 | + {% if consul_acl_agent_master_token | trim != '' %} |
| 125 | + "acl_agent_master_token": "{{ consul_acl_agent_master_token }}", |
| 126 | + {% endif %} |
| 127 | + "acl_ttl": "{{ consul_acl_ttl }}", |
| 128 | + "acl_datacenter": "{{ consul_acl_datacenter }}", |
| 129 | + "acl_down_policy": "{{ consul_acl_down_policy }}", |
| 130 | + {% endif %} |
| 131 | + {% endif %} |
112 | 132 | {% endif %} |
113 | 133 |
|
114 | 134 | {# Server Settings #} |
|
148 | 168 | {{ consul_join_wan | map('ipwrap') | list | to_json }}, |
149 | 169 | {% endif %} |
150 | 170 |
|
151 | | - {## Server ACLs ##} |
| 171 | + {## ACLs ##} |
152 | 172 | {% if consul_acl_enable %} |
153 | | - {% if consul_version is version_compare('0.9.1', '<') or |
154 | | - consul_acl_master_token | trim != '' %} |
155 | | - "acl_master_token": "{{ consul_acl_master_token }}", |
156 | | - {% endif %} |
157 | | - {% if consul_acl_replication_enable | trim != '' %} |
158 | | - "enable_acl_replication": {{ consul_acl_replication_enable | bool | to_json }}, |
159 | | - {% endif %} |
160 | | - {% if consul_acl_replication_token | trim != '' %} |
161 | | - "acl_replication_token": "{{ consul_acl_replication_token }}", |
162 | | - {% endif %} |
| 173 | + {% if consul_acl_replication_enable | trim != '' %} |
| 174 | + "enable_acl_replication": {{ consul_acl_replication_enable | bool | to_json }}, |
| 175 | + {% endif %} |
| 176 | + {% if consul_version is version_compare('1.4.0', '>=') %} |
| 177 | + "primary_datacenter": "{{ consul_acl_datacenter }}", |
| 178 | + "acl": { |
| 179 | + "enabled": true, |
| 180 | + "default_policy": "{{ consul_acl_default_policy }}", |
| 181 | + "down_policy": "{{ consul_acl_down_policy }}", |
| 182 | + "token_ttl": "{{ consul_acl_ttl }}", |
| 183 | + "tokens": { |
| 184 | + {% if consul_acl_token | trim != '' %} |
| 185 | + "default": "{{ consul_acl_token }}", |
| 186 | + {% endif %} |
| 187 | + {% if consul_acl_agent_token | trim != '' %} |
| 188 | + "agent": "{{ consul_acl_agent_token }}", |
| 189 | + {% endif %} |
| 190 | + {% if consul_acl_agent_master_token | trim != '' %} |
| 191 | + "agent_master": "{{ consul_acl_agent_master_token }}", |
| 192 | + {% endif %} |
| 193 | + {% if consul_version is version_compare('0.9.1', '<') or consul_acl_master_token | trim != '' %} |
| 194 | + "master": "{{ consul_acl_master_token }}", |
| 195 | + {% endif %} |
| 196 | + {% if consul_acl_replication_token | trim != '' %} |
| 197 | + "replication": "{{ consul_acl_replication_token }}", |
| 198 | + {% endif %} |
| 199 | + } |
| 200 | + }, |
| 201 | + {% else %} |
| 202 | + {% if consul_acl_token | trim != '' %} |
| 203 | + "acl_token": "{{ consul_acl_token }}", |
| 204 | + {% endif %} |
| 205 | + {% if consul_acl_agent_token | trim != '' %} |
| 206 | + "acl_agent_token": "{{ consul_acl_agent_token }}", |
| 207 | + {% endif %} |
| 208 | + {% if consul_acl_agent_master_token | trim != '' %} |
| 209 | + "acl_agent_master_token": "{{ consul_acl_agent_master_token }}", |
| 210 | + {% endif %} |
| 211 | + "acl_ttl": "{{ consul_acl_ttl }}", |
| 212 | + "acl_datacenter": "{{ consul_acl_datacenter }}", |
| 213 | + "acl_down_policy": "{{ consul_acl_down_policy }}", |
| 214 | + {% if consul_version is version_compare('0.9.1', '<') or |
| 215 | + consul_acl_master_token | trim != '' %} |
| 216 | + "acl_master_token": "{{ consul_acl_master_token }}", |
| 217 | + {% endif %} |
| 218 | + {% if consul_acl_replication_enable | trim != '' %} |
| 219 | + "enable_acl_replication": {{ consul_acl_replication_enable | bool | to_json }}, |
| 220 | + {% endif %} |
| 221 | + {% if consul_acl_replication_token | trim != '' %} |
| 222 | + "acl_replication_token": "{{ consul_acl_replication_token }}", |
| 223 | + {% endif %} |
| 224 | + "acl_default_policy": "{{ consul_acl_default_policy }}", |
| 225 | + {% endif %} |
163 | 226 | {% endif %} |
164 | | - "acl_default_policy": "{{ consul_acl_default_policy }}", |
165 | 227 | {% endif %} |
166 | 228 |
|
167 | 229 | {## UI ##} |
|
0 commit comments