4 files changed, 86 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/consul/templates/base.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
new file mode 100644
index 0000000000..15104b2710
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
@@ -0,0 +1,56 @@
+node_name = "{{ consul_node_name }}"
+datacenter = "{{ consul_datacenter }}"
+
+bind_addr = "{{ consul_bind_addr }}"
+client_addr = "{{ consul_client_addr }}"
+data_dir = "{{ consul_data_dir }}"
+
+enable_syslog = {{ consul_enable_syslog | bool | lower }}
+enable_debug = {{ consul_enable_debug | bool | lower }}
+disable_update_check = {{ consul_disable_update_check | bool | lower }}
+log_level = "{{ consul_log_level }}"
+
+server = {{ consul_node_server | bool | lower }}
+encrypt = "{{ consul_encrypt }}"
+{% if consul_node_server | bool == True %}
+bootstrap_expect = {{ consul_bootstrap_expect }}
+verify_incoming = {{ consul_verify_incoming | bool | lower }}
+verify_outgoing = {{ consul_verify_outgoing | bool | lower }}
+verify_server_hostname = {{ consul_vefify_server_hostname | bool | lower }}
+ca_file = "{{ consul_ca_file }}"
+cert_file = "{{ consul_cert_file }}"
+key_file = "{{ consul_key_file }}"
+auto_encrypt {
+  allow_tls = {{ consul_allow_tls | bool | lower }}
+}
+{% else %}
+verify_incoming = {{ consul_verify_incoming | bool | lower }}
+verify_outgoing = {{ consul_verify_outgoing | bool | lower }}
+verify_server_hostname = {{ consul_vefify_server_hostname | bool | lower }}
+ca_file = "{{ consul_ca_file }}"
+auto_encrypt {
+  tls = {{ consul_allow_tls | bool | lower }}
+}
+{% endif %}
+{% if consul_retry_join | bool -%}
+retry_join = [ {% for ip_port in consul_retry_servers -%} "{{ ip_port }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
+{%- endif %}
+
+{% if consul_ui_config -%}
+ui_config {
+{% for key, value in consul_ui_config.items() %}
+  {%- if value|bool %}
+  {{ key }} = {{ value | bool | lower }}
+  {%- elif value|string or value == "" %}
+  {{ key }} = "{{ value }}"
+  {%- else %}
+  {{ key }} = {{ value }}
+  {%- endif %}
+{% endfor %}
+
+}
+{%- endif %}
+
+{% if consul_recursors -%}
+recursors = [ {% for server in consul_recursors -%} "{{ server }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
+{%- endif %}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2 b/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2
new file mode 100644
index 0000000000..16874f213e
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2
@@ -0,0 +1,18 @@
+[Unit]
+Description="HashiCorp Consul - A service mesh solution"
+Documentation=https://www.consul.io/
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+User=root
+Group=root
+ExecStart={{ consul_bin_dir }}/consul agent -config-dir={{ consul_config_dir }}
+ExecReload=/bin/kill --signal HUP $MAINPID
+KillMode=process
+KillSignal=SIGTERM
+Restart=on-failure
+LimitNOFILE=infinity
+
+[Install]
+WantedBy=multi-user.target
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2
new file mode 100644
index 0000000000..02932bf6dc
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2
@@ -0,0 +1,9 @@
+ports {
+    dns = {{ consul_port_dns }}
+    http = {{ consul_port_http }}
+    https = {{ consul_port_https }}
+    grpc_tls = {{ consul_port_grpc }}
+    serf_lan = {{ consul_port_serf_lan }}
+    serf_wan = {{ consul_port_serf_wan }}
+    server = {{ consul_port_server }}
+}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2
new file mode 100644
index 0000000000..ec7fabc9da
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2
@@ -0,0 +1,3 @@
+telemetry {
+    prometheus_retention_time = "24h"
+}
+\ No newline at end of file