ansible-roles/roles/consul/defaults/main.yml

---

# Version of consul to deploy
consul_version: 1.12.3
# URL from where the consul archive will be downloaded
consul_archive_url: https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_amd64.zip
# Expected sha256 of the archive
consul_archive_sha256: 620a47cfba34bdf918b4c3238d22f6318b29403888cfd927c6006a4ac1b1c9f6

# user account under which consul will run (will be created if needed)
consul_user: consul

# Root directory where consul will be installed
consul_root_dir: /opt/consul

# List of consul servers name or IP
consul_servers: []

# List of services exposed by consul, the ports they use, and the list of IP
# for which the service is accessible at the firewall level (if iptables_manage == True)
consul_services:
  dns:
    port: 8600
    src_ip: []
    proto: [tcp,udp]
  http_api:
    port: 8500
    src_ip: []
    proto: [tcp]
  https_api:
    port: 8501
    src_ip: []
    proto: [tcp]
  grpc_api:
    port: 8502
    src_ip: []
    proto: [tcp]
  lan_serf:
    port: 8301
    src_ip: []
    proto: [tcp,udp]
  wan_serf:
    port: 8302
    src_ip: []
    proto: [tcp_udp]
  server_rpc:
    port: 8300
    src_ip: []
    proto: [tcp]
  sidecar_proxy:
    port: '21000:21255'
    src_ip: []
    proto: [tcp]

# Consul configuration (which will be converted to JSON)
# The configuration is splited in a base conf and an extra conf, so you can override part of the config easily
consul_base_conf:
  node_name: "{{ inventory_hostname }}"
  data_dir: "{{ consul_root_dir }}/data"
  client_addr: 0.0.0.0
  log_level: INFO
  bind_addr: 0.0.0.0
  advertise_addr: "{{ ansible_default_ipv4.address }}"
  retry_join: "{{ consul_servers }}"
  bootstrap_expect: "{{ consul_servers | length }}"
  server: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"
  ui_config:
    enabled: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"
  connect:
    enabled: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"

# For example
# consul_extra_conf:
#   datacenter: my-dc
#   domain: dev.example.org
#   encrypt: WSnGbK30nI6K/xk9w+AAtk0Y3RMXKoAlsj4VEICqi0I=
#   ui_config:
#     enabled: False

consul_extra_conf: {}
# Host conf is just another level of configuration override
consul_host_conf: {}

# Merge all the conf
consul_conf: "{{ consul_base_conf | combine(consul_extra_conf, recursive=True) | combine(consul_host_conf, recursive=True) }}"
Update to 2022-07-21 01:00 2022-07-21 01:00:17 +02:00			`---`

			`# Version of consul to deploy`
			`consul_version: 1.12.3`
			`# URL from where the consul archive will be downloaded`
			`consul_archive_url: https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_amd64.zip`
			`# Expected sha256 of the archive`
			`consul_archive_sha256: 620a47cfba34bdf918b4c3238d22f6318b29403888cfd927c6006a4ac1b1c9f6`

			`# user account under which consul will run (will be created if needed)`
			`consul_user: consul`

			`# Root directory where consul will be installed`
			`consul_root_dir: /opt/consul`

			`# List of consul servers name or IP`
			`consul_servers: []`

			`# List of services exposed by consul, the ports they use, and the list of IP`
			`# for which the service is accessible at the firewall level (if iptables_manage == True)`
			`consul_services:`
			`dns:`
			`port: 8600`
			`src_ip: []`
			`proto: [tcp,udp]`
			`http_api:`
			`port: 8500`
			`src_ip: []`
			`proto: [tcp]`
			`https_api:`
			`port: 8501`
			`src_ip: []`
			`proto: [tcp]`
			`grpc_api:`
			`port: 8502`
			`src_ip: []`
			`proto: [tcp]`
			`lan_serf:`
			`port: 8301`
			`src_ip: []`
			`proto: [tcp,udp]`
			`wan_serf:`
			`port: 8302`
			`src_ip: []`
			`proto: [tcp_udp]`
			`server_rpc:`
			`port: 8300`
			`src_ip: []`
			`proto: [tcp]`
			`sidecar_proxy:`
			`port: '21000:21255'`
			`src_ip: []`
			`proto: [tcp]`

			`# Consul configuration (which will be converted to JSON)`
			`# The configuration is splited in a base conf and an extra conf, so you can override part of the config easily`
			`consul_base_conf:`
			`node_name: "{{ inventory_hostname }}"`
			`data_dir: "{{ consul_root_dir }}/data"`
			`client_addr: 0.0.0.0`
			`log_level: INFO`
			`bind_addr: 0.0.0.0`
			`advertise_addr: "{{ ansible_default_ipv4.address }}"`
			`retry_join: "{{ consul_servers }}"`
			`bootstrap_expect: "{{ consul_servers \| length }}"`
			`server: "{{ (inventory_hostname in consul_servers) \| ternary(True, False) }}"`
			`ui_config:`
			`enabled: "{{ (inventory_hostname in consul_servers) \| ternary(True, False) }}"`
			`connect:`
			`enabled: "{{ (inventory_hostname in consul_servers) \| ternary(True, False) }}"`

			`# For example`
			`# consul_extra_conf:`
			`# datacenter: my-dc`
			`# domain: dev.example.org`
			`# encrypt: WSnGbK30nI6K/xk9w+AAtk0Y3RMXKoAlsj4VEICqi0I=`
			`# ui_config:`
			`# enabled: False`

			`consul_extra_conf: {}`
			`# Host conf is just another level of configuration override`
			`consul_host_conf: {}`

			`# Merge all the conf`
			`consul_conf: "{{ consul_base_conf \| combine(consul_extra_conf, recursive=True) \| combine(consul_host_conf, recursive=True) }}"`