storage "raft" {
    path = "{{ vault_raft_storage }}"
    node_id = "{{ ansible_hostname }}"
    {% for node in groups["vault"] %}
    retry_join
    {
        leader_api_addr = "https://{{ hostvars[node]['inventory_hostname'] }}.{{ domain_name }}:{{ vault_port }}"
    }
    {% endfor %}
}

listener "tcp" {
   address = "0.0.0.0:{{ vault_port }}"
   tls_disable = false
   tls_cert_file = "/etc/vault.d/ssl/{{ inventory_hostname }}.crt"
   tls_key_file = "/etc/vault.d/ssl/{{ inventory_hostname }}.key"
   tls_client_ca_file = "/etc/vault.d/ssl/ca-wbyc-certificate.pem"
}
api_addr = "https://{{ inventory_hostname }}.{{ domain_name }}:{{ vault_port }}"
cluster_addr = "https://{{ inventory_hostname }}.{{ domain_name }}:{{ vault_cluster_port }}"
disable_mlock = true
ui = true
log_level = "{{ vault_log_level }}"
disable_cache = true
cluster_name = "{{ vault_cluster_name }}"