server:
  port: 8082
  ssl:
    bundle: infra

spring:
  ssl:
    bundle:
      pem:
        infra:
          keystore:
            private-key: file:/etc/ssl/private/<%= @fqdn %>_infra.key
            certificate: file:/etc/ssl/certs/<%= @fqdn %>_infra.crt
          truststore:
            certificate: file:/etc/ssl/certs/infra.crt
  data:
    redis:
      password: '<%= scope.call_function('safe_hiera', ['redis_password'])  %>'
      cluster:
        nodes:
          <%- @redises.each do |host| -%>
          - <%= host %>:6379
          - <%= host %>:6380
          <%- end -%>
      ssl:
        enabled: true
      ssl-ext:
        # redis or java require IP addresses in cert if verifcation is turned on
        # Caused by: java.util.concurrent.CompletionException:
        # javax.net.ssl.SSLHandshakeException: No subject alternative names
        # matching IP address 89.46.20.236 found
        enable-hostname-verification: false
        credential:
          resource: file:/etc/ssl/private/<%= @fqdn %>_infra.p12
          password: qwerty123
        trust:
          resource: file:/etc/ssl/certs/infra.p12
          password: qwerty123