38 lines
1.2 KiB
INI
38 lines
1.2 KiB
INI
# Broker ID
|
|
broker.id={{ env "NOMAD_ALLOC_INDEX" }}
|
|
|
|
# Network settings
|
|
listeners=CLIENT://:{{ env "NOMAD_PORT_client" }},BROKER://:{{ env "NOMAD_PORT_broker" }}
|
|
listener.security.protocol.map=CLIENT:SSL,BROKER:SSL
|
|
inter.broker.listener.name=BROKER
|
|
advertised.listeners=CLIENT://broker-{{ env "NOMAD_ALLOC_INDEX" }}.[[ .instance ]]-broker[[ .consul.suffix ]].service.[[ .consul.domain ]]:{{ env "NOMAD_HOST_PORT_client" }},BROKER://{{ env "NOMAD_ADDR_broker" }}
|
|
|
|
# TLS Settings
|
|
ssl.keystore.location=/secrets/kafka.p12
|
|
ssl.keystore.password=password
|
|
ssl.keystore.type=PKCS12
|
|
ssl.truststore.location=/secrets/kafka.ca.pem
|
|
ssl.truststore.type=PEM
|
|
ssl.client.auth=required
|
|
ssl.secure.random.implementation=SHA1PRNG
|
|
ssl.principal.mapping.rules=\
|
|
RULE:^CN=([^,]+),OU=.*$/$1/,\
|
|
DEFAULT
|
|
|
|
# Storage settings
|
|
log.dirs=/data/kafka
|
|
|
|
# Zookeeper settings
|
|
zookeeper.connect=[[ join .zookeeper.servers "," ]][[ if has .zookeeper "path" ]][[ .zookeeper.path ]][[ end ]]
|
|
|
|
# ACL
|
|
[[- if .use_acl ]]
|
|
authorizer.class.name=kafka.security.authorizer.AclAuthorizer
|
|
super.users=[[ range $idx, $user := .super_users ]][[ if ne $idx 0 ]];[[ end ]]User:[[ $user ]][[ end ]]
|
|
[[ end ]]
|
|
|
|
# Other settings
|
|
[[- range $k, $v := .settings ]]
|
|
[[ $k ]]=[[ $v ]]
|
|
[[- end ]]
|