{% if grains['role'] in ['so-node', 'so-heavynode'] %}
  {%- set elasticsearch = salt['pillar.get']('elasticsearch:mainip', '') -%}
{% elif grains['role'] in ['so-eval', 'so-managersearch', 'so-standalone', 'so-manager'] %}
  {%- set elasticsearch = salt['pillar.get']('manager:mainip', '') -%}
{%- endif %}
{%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
{%-   set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%-   set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
{%- else %}
{%-   set ES_USER = '' %}
{%-   set ES_PASS = '' %}
{%- endif %}

---
# Remember, leave a key empty if there is no value.  None will be a string,
# not a Python "NoneType"
elasticsearch:
  client:
    hosts:
      - https://{{elasticsearch}}:9200
    cloud_id:
    ca_certs:
    client_cert:
    client_key:
    verify_certs: False
    request_timeout: 30
  other_settings:
    api_key:
      id:
      api_key:
    master_only: False
{%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
    username: "{{ ES_USER }}"
    password: "{{ ES_PASS }}"
{%- endif %}

logging:
  loglevel: INFO
  logfile: '/var/log/curator/curator.log'
  logformat: default
  blacklist: ['elasticsearch', 'urllib3']