Provides remco configs and resources to easily set up Docker and Docker Compose environment files
remco-docker-config
Provides remco configs and resources to easily set up Docker and Docker Compose environment files with HashiCorp Vault secrets
How to run
Set environment variables
Set these mandatory variables and fill in real values:
# Largely static
export REMCO_DOCKER_CONFIG='/path/to/this/dir'
export VAULT_ADDR='https://127.0.0.1:8200/'
export VAULT_TOKEN='hvs.BerthaIsDeNigrAtinGtHEiMP'
# Changes per container and context
export DOCKER_FQDN='containers-3.example.net'
export DOCKER_GROUP_NAME='grafana'
export DOCKER_CTX='bi_shenyang'
export VAULT_KEY='/kv/data/for_rbacgroup_remco/docker/'"${DOCKER_GROUP_NAME}"'/'"${DOCKER_CTX}"
Treat DOCKER_CTX ("CTX" as in context) as a team name, purpose or scope. If the same Docker application can run multiple times and serve different tenants, then DOCKER_CTX is what distinguishes one instance from the other. Here bi_shenyang indicates, for example, a Shenyang-based Business Intelligence team.
Render config files
Let remco generate an environment file:
remco -config config.toml
Output will look somewhat like this (no change needed):
[INFO] set backend nodes: backend=vault nodes=["https://127.0.0.1:8200/"] prefix=remco[671145]
[DEBUG] retrieving keys: backend=vault key_prefix="\"\"" prefix=remco[671145] resource=grafana
[DEBUG] compiling source template: prefix=remco[671145] resource=grafana template=/tmp/remco-docker-config/templates.d/grafana/fqdn-context.env
[DEBUG] comparing staged and dest config files: dest=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[671145] resource=grafana staged=.containers-3.example.net-bi_shenyang.env2016234729
[DEBUG] target config in sync: config=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[671145] resource=grafana
[DEBUG] closing client connection: backend=vault prefix=remco[671145] resource=grafana
Or like this (target file does not have correct content):
[INFO] set backend nodes: backend=vault nodes=["https://127.0.0.1:8200/"] prefix=remco[675012]
[DEBUG] retrieving keys: backend=vault key_prefix="\"\"" prefix=remco[675012] resource=grafana
[DEBUG] compiling source template: prefix=remco[675012] resource=grafana template=/tmp/remco-docker-config/templates.d/grafana/fqdn-context.env
[DEBUG] comparing staged and dest config files: dest=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[675012] resource=grafana staged=.containers-3.example.net-bi_shenyang.env3921647901
[INFO] wrong hashsum: config=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env current=da39a3ee5e6b4b0d3255bfef95601890afd80709 new=97aacc05e6ccad77fec95cc5daa4b3cb7ccd03eb prefix=remco[675012] resource=grafana
[INFO] target config out of sync: config=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[675012] resource=grafana
[DEBUG] overwriting target config: config=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[675012] resource=grafana
[INFO] target config has been updated: config=/tmp/remco-docker-config/rendered.d/grafana/containers-3.example.net-bi_shenyang.env prefix=remco[675012] resource=grafana
[DEBUG] closing client connection: backend=vault prefix=remco[675012] resource=grafana
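Added example, not part of this repository: a preflight for the variables above that rejects empty or path-like values in DOCKER_GROUP_NAME and DOCKER_CTX, catches a VAULT_KEY left over from an earlier context, and checks that a rendered file is not readable by group or others. The function names and the allowed character set are assumptions; the rendered path layout is taken from the sample log output.

```shell
#!/bin/sh
# Added example (assumed helper names). Usage: preflight && remco -config config.toml

# Succeeds only for a non-empty single path component made of conservative characters.
valid_component() {
    case "$1" in
        ''|.|..|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# Prints the Vault key the README composes, or fails on an unsafe component.
build_vault_key() {
    valid_component "$1" && valid_component "$2" || return 1
    printf '/kv/data/for_rbacgroup_remco/docker/%s/%s\n' "$1" "$2"
}

# Prints the rendered file path: <config dir>/rendered.d/<group>/<fqdn>-<ctx>.env
rendered_env_path() {
    printf '%s/rendered.d/%s/%s-%s.env\n' "$1" "$2" "$3" "$4"
}

# Fails if the file is missing or has a group/other read bit set.
is_private_file() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" \( -perm -040 -o -perm -004 \) -print)" ]
}

# Checks every mandatory variable, then that VAULT_KEY matches its components,
# so secrets of one context never land in a file named after another.
preflight() {
    for name in REMCO_DOCKER_CONFIG VAULT_ADDR VAULT_TOKEN DOCKER_FQDN \
                DOCKER_GROUP_NAME DOCKER_CTX VAULT_KEY; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || { echo "missing: $name" >&2; return 1; }
    done
    valid_component "$DOCKER_FQDN" || { echo "bad DOCKER_FQDN" >&2; return 1; }
    expected=$(build_vault_key "$DOCKER_GROUP_NAME" "$DOCKER_CTX") ||
        { echo "bad DOCKER_GROUP_NAME or DOCKER_CTX" >&2; return 1; }
    [ "$VAULT_KEY" = "$expected" ] || { echo "stale VAULT_KEY" >&2; return 1; }
}
```

After a render, `is_private_file "$(rendered_env_path "$REMCO_DOCKER_CONFIG" "$DOCKER_GROUP_NAME" "$DOCKER_FQDN" "$DOCKER_CTX")"` reports whether the secrets file needs tighter permissions.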