77 lines
2.3 KiB
YAML
77 lines
2.3 KiB
YAML
options:
|
|
disable-mlock:
|
|
type: boolean
|
|
default: false
|
|
description: >-
|
|
Set this option only if you are deploying to an environment that
|
|
does not support the mlock(2) system call.
|
|
|
|
When this option is set, vault will be unable to prevent secrets
|
|
from being paged out, so use it with extreme caution.
|
|
nagios_context:
|
|
default: "juju"
|
|
type: string
|
|
description: |
|
|
A string that will be prepended to instance name to set the host name
|
|
in nagios. So for instance the hostname would be something like:
|
|
juju-myservice-0
|
|
If you're running multiple environments with the same services in them
|
|
this allows you to differentiate between them.
|
|
nagios_servicegroups:
|
|
default: ""
|
|
type: string
|
|
description: |
|
|
Comma separated list of nagios servicegroups for the service checks.
|
|
ssl-cert:
|
|
type: string
|
|
default: ""
|
|
description: >-
|
|
The SSL certificate, base64-encoded.
|
|
ssl-chain:
|
|
type: string
|
|
default: ""
|
|
description: >-
|
|
The SSL chain certificate, base64-encoded.
|
|
ssl-key:
|
|
type: string
|
|
default: ""
|
|
description: >-
|
|
The SSL key, base64-encoded.
|
|
ssl-ca:
|
|
type: string
|
|
default: ""
|
|
description: >-
|
|
The SSL Root CA certificate, base64-encoded.
|
|
vip:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Virtual IP to use api traffic
|
|
channel:
|
|
type: string
|
|
default: stable
|
|
description: >-
|
|
The snap channel to install from.
|
|
dns-ha-access-record:
|
|
type: string
|
|
default:
|
|
description: |
|
|
DNS record to use for DNS HA with MAAS. Do not use vip setting
|
|
if this is set.
|
|
totally-unsecure-auto-unlock:
|
|
type: boolean
|
|
default: false
|
|
description: >-
|
|
FOR TESTING ONLY. Initialise vault after deployment and store the keys
|
|
locally.
|
|
auto-generate-root-ca-cert:
|
|
type: boolean
|
|
default: false
|
|
description: >-
|
|
Once unsealed, automatically generate a self-signed root CA rather
|
|
than waiting for an action to be called to either generate one or
|
|
process a signing request to act as an intermediary CA. Note that
|
|
this will use all default values for the root CA cert. If you want
|
|
to adjust those values, you should use the generate-root-ca action
|
|
instead.
|