As a result of the current implementation of #48, RPC traffic is exposed publicly and should therefore be encrypted. Since consul provides mechanisms to do so we should include a way to inject certs into the containers before consul can start in a similar fashion to how autopilotpattern/vault uses docker exec to bootstrap.

The proposed design is to check for CONSUL_TLS_PATH during preStart and if present, wait for a file to appear the the specified path. Gossip key configuration can be done by specifying CONSUL_ENCRYPT_PATH or CONSUL_ENCRYPT_BASE64.