---
vault_listener_address: 0.0.0.0
vault_iface: "{{ lookup('env', 'VAULT_IFACE') | default(ansible_default_ipv4.interface, true) }}"
vault_port: 8200
vault_protocol: "http"
vault_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}"
vault_cluster_address: "{{ hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address'] }}:{{ (vault_port | int) + 1 }}"
vault_cluster_addr: "{{ vault_protocol }}://{{ vault_cluster_address }}"
vault_api_addr: "{{ vault_protocol }}://{{ vault_redirect_address | default(hostvars[inventory_hostname]['ansible_' + vault_iface]['ipv4']['address']) }}:{{ vault_port }}"
vault_tls_disable: true

# vault backup variable
vault_snapshot: false
vault_backup_location: /tmp
vault_cron_hour: 1
vault_roleid: ''
vault_secretid: ''


vault_unseal_keys_dir_output: "~/vaultUnseal"
vault_unseal_token: ""

vault_raft_group_name: "vault_raft_servers"
vault_raft_cluster_members: |
  [
  {% for server in groups[vault_raft_group_name] %}
    {
      "peer": "{{ server }}",
      "api_addr": "{{ hostvars[server]['vault_api_addr'] |
  default( vault_protocol + '://' + hostvars[server]['ansible_' + hostvars[server]['vault_iface']]['ipv4']['address']+ ':' +  vault_port|string  ) }}"
    },
  {% endfor %}
  ]