consul_version: "1.12.9"
consul_config_path: "/etc/consul.d"
consul_data_path: "/opt/consul"
consul_user: "consul"
consul_group: "consul"
consul_install_repo: true

consul_cluster_group: "consul"
consul_server_group: "consul_server"
consul_agent_group: "consul_agent"

consul_config: {}
consul_default_config:
  bind_addr: "{{ ansible_default_ipv4.address }}"
  server: "{{ true if inventory_hostname in groups[consul_server_group] else false }}"
  ui_config: 
    enabled: "{{ true if inventory_hostname in groups[consul_server_group] else false }}"
  log_level: info
  retry_join: "{{ groups[consul_server_group] | default([])}}"
  retry_interval: "30s"
  datacenter: "main"
  bootstrap_expect: "{{ groups[consul_server_group]|length|int if inventory_hostname in groups[consul_server_group] else omit }}" 
  performance:
    raft_multiplier: 1
  acl:
    enabled: false
    default_policy: "deny"
    down_policy: "extend-cache"
    enable_token_persistence: true

consul_ssl: false
consul_ssl_path: "/etc/consul.d/ssl"
consul_self_signed_cert: false
consul_self_signed_cert_name: "consul-tls"
consul_server_ssl_config: {}
consul_server_ssl_default_config:
  ports:
    https: 8501
  verify_incoming: true
  verify_outgoing: true
  verify_server_hostname: false
  ca_file: "{{ consul_ssl_path }}/CA-{{ consul_self_signed_cert_name }}.crt"
  cert_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.crt"
  key_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.key"
  auto_encrypt:
   allow_tls: true

consul_agent_ssl_config: {}
consul_agent_ssl_default_config:
  ports:
    https: 8501
  verify_incoming: true
  verify_outgoing: true
  verify_server_hostname: false
  ca_file: "{{ consul_ssl_path }}/CA-{{ consul_self_signed_cert_name }}.crt"
  cert_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.crt"
  key_file: "{{ consul_ssl_path }}/{{ consul_self_signed_cert_name }}.key"

is_virtualenv: "{{ lookup('env','VIRTUAL_ENV') | default('') }}"