add tls basic support

defaults/main.yaml

@@ -1,4 +1,4 @@
-consul_version: 1.12.2
+consul_version: 1.12.4
 consul_config_path: "/etc/consul.d"
 consul_data_path: "/opt/consul"
 consul_user: consul
@@ -9,7 +9,7 @@ consul_cluster_group: consul
 consul_server_group: consul_server
 consul_agent_group: consul_agent
 
-consul_config: []
+consul_config: {}
 consul_default_config:
   server: "{{ true if inventory_hostname in groups[consul_server_group] else false }}"
   ui_config: 
@@ -27,4 +27,32 @@ consul_default_config:
     down_policy: extend-cache
     enable_token_persistence: true
 
+consul_ssl: no
+consul_ssl_path: "/etc/consul.d/ssl"
+consul_self_signed_cert: no
+consul_self_signed_cert_name: "consul-tls"
+consul_server_ssl_config: {}
+consul_server_ssl_default_config:
+  ports:
+    https: 8501
+  verify_incoming: true
+  verify_outgoing: true
+  verify_server_hostname: false
+  ca_file: "{{ consul_ssl_path }}/CA-{{ consul_self_signed_cert_name }}.crt"
+  cert_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.crt"
+  key_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.key"
+  auto_encrypt:
+   allow_tls: true
+
+consul_agent_ssl_config: {}
+consul_agent_ssl_default_config:
+  ports:
+    https: 8501
+  verify_incoming: true
+  verify_outgoing: true
+  verify_server_hostname: false
+  ca_file: "{{ consul_ssl_path }}/CA-{{ consul_self_signed_cert_name }}.crt"
+  cert_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.crt"
+  key_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.key"
+
 is_virtualenv: "{{ lookup('env','VIRTUAL_ENV') | default('') }}"