1 files changed, 19 insertions, 2 deletions

diff --git a/configuration.nix b/configuration.nix
index 205eb6d..6fbfb3f 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -200,8 +200,19 @@ in
     datacenter = "staging";
     ui = true;
     bind_addr = public_ip;
-    addresses.http = "0.0.0.0";
+
+    ports.http = -1;
+    addresses.https = "0.0.0.0";
+    ports.https = 8501;
+
     retry_join = [ "10.42.0.2" "10.42.0.21" "10.42.0.22" "10.42.0.23" ];
+
+    ca_file = "/var/lib/consul/pki/consul-ca.crt";
+    cert_file = "/var/lib/consul/pki/consul2021.crt";
+    key_file = "/var/lib/consul/pki/consul2021.key";
+    verify_incoming = true;
+    verify_outgoing = true;
+    verify_server_hostname = true;
   };
 
   services.nomad.enable = true;
@@ -219,7 +230,13 @@ in
       http = public_ip;
       serf = public_ip;
     };
-    consul.address = "127.0.0.1:8500";
+    consul = {
+      address = "localhost:8501";
+      ca_file = "/var/lib/nomad/pki/consul2021.crt";
+      cert_file = "/var/lib/nomad/pki/consul2021-client.crt";
+      key_file = "/var/lib/nomad/pki/consul2021-client.key";
+      ssl = true;
+    };
     client = {
       enabled = true;
       network_interface = "wg0";