tls_server_config:
  key_file: {{ tls_private }}/{{ inventory_hostname }}.key
  cert_file: {{ tls_certs }}/{{ inventory_hostname }}.crt
  client_ca_file: {{ tls_certs }}/ca.crt
  client_auth_type: RequireAndVerifyClientCert
  client_allowed_sans:
    - prometheus01.home.foo.sh
    - prometheus02.home.foo.sh
    - prometheus03.home.foo.sh
    - prometheus04.home.foo.sh
  min_version: TLS13