ansible-roles/roles/consul/templates/consul-template.hcl.j2

vault {
  address      = "{{ consul_vault_secrets.vault_address }}"
  token        = "{{ consul_vault_secrets.vault_token }}"
  unwrap_token = false
}

template {
  source          = "{{ consul_root_dir }}/consul-template/agent_bundle.pem.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ consul_root_dir }}/tls/agent_bundle.pem"
  perms           = 0640
  exec {
    command = "sh -c 'systemctl reload consul || true'"
  }
}

{% if consul_conf.server %}
template {
  source          = "{{ consul_root_dir }}/consul-template/cli_bundle.pem.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ consul_root_dir }}/tls/cli_bundle.pem"
  perms           = 0640
  exec {
    command = "sh -c 'systemctl reload consul || true'"
  }
}
{% endif %}

{% if consul_vault_secrets.tokens.enabled %}
template {
  source          = "{{ consul_root_dir }}/consul-template/agent.token.tpl"
  left_delimiter  = "[["
  right_delimiter = "]]"
  destination     = "{{ consul_root_dir }}/tmp/agent.token"
  perms           = 0600
  exec {
    command = "sh -c 'consul acl set-agent-token default $(grep -P \'^[^\s]\' {{ consul_root_dir }}/tmp/agent.token)'"
  }
}
{% endif %}
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`vault {`
Update to 2022-09-06 18:00 2022-09-06 18:00:22 +02:00			`address = "{{ consul_vault_secrets.vault_address }}"`
			`token = "{{ consul_vault_secrets.vault_token }}"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`unwrap_token = false`
			`}`

			`template {`
Update to 2022-09-13 17:00 2022-09-13 17:00:08 +02:00			`source = "{{ consul_root_dir }}/consul-template/agent_bundle.pem.tpl"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`left_delimiter = "[["`
			`right_delimiter = "]]"`
Update to 2022-09-13 17:00 2022-09-13 17:00:08 +02:00			`destination = "{{ consul_root_dir }}/tls/agent_bundle.pem"`
			`perms = 0640`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`exec {`
Update to 2022-09-06 18:00 2022-09-06 18:00:22 +02:00			`command = "sh -c 'systemctl reload consul \|\| true'"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`}`
			`}`

			`{% if consul_conf.server %}`
			`template {`
Update to 2022-09-13 17:00 2022-09-13 17:00:08 +02:00			`source = "{{ consul_root_dir }}/consul-template/cli_bundle.pem.tpl"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`left_delimiter = "[["`
			`right_delimiter = "]]"`
Update to 2022-09-13 17:00 2022-09-13 17:00:08 +02:00			`destination = "{{ consul_root_dir }}/tls/cli_bundle.pem"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`perms = 0640`
			`exec {`
Update to 2022-09-13 17:00 2022-09-13 17:00:08 +02:00			`command = "sh -c 'systemctl reload consul \|\| true'"`
Update to 2022-09-04 14:00 2022-09-04 14:00:17 +02:00			`}`
			`}`
Update to 2022-09-06 18:00 2022-09-06 18:00:22 +02:00			`{% endif %}`

			`{% if consul_vault_secrets.tokens.enabled %}`
			`template {`
			`source = "{{ consul_root_dir }}/consul-template/agent.token.tpl"`
			`left_delimiter = "[["`
			`right_delimiter = "]]"`
			`destination = "{{ consul_root_dir }}/tmp/agent.token"`
			`perms = 0600`
			`exec {`
			`command = "sh -c 'consul acl set-agent-token default $(grep -P \'^[^\s]\' {{ consul_root_dir }}/tmp/agent.token)'"`
			`}`
			`}`
			`{% endif %}`