Compare commits
4 Commits
7dbeced826
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 3fd08533fc | |||
| 3ee0e1fae6 | |||
| 57c2b55b17 | |||
| 14810785bb |
@@ -77,6 +77,14 @@ Create ZFS datasets and set permissions as needed.
|
|||||||
zfs create -p 'zpool/data/opt/docker-data/hashicorpvault-'"${CONTEXT}"'/data/file'
|
zfs create -p 'zpool/data/opt/docker-data/hashicorpvault-'"${CONTEXT}"'/data/file'
|
||||||
zfs create -p 'zpool/data/opt/docker-data/hashicorpvault-'"${CONTEXT}"'/data/logs'
|
zfs create -p 'zpool/data/opt/docker-data/hashicorpvault-'"${CONTEXT}"'/data/logs'
|
||||||
```
|
```
|
||||||
|
This results in a directory structure like so:
|
||||||
|
```
|
||||||
|
/opt/docker-data/hashicorpvault-loft/
|
||||||
|
├── config
|
||||||
|
└── data
|
||||||
|
├── file
|
||||||
|
└── logs
|
||||||
|
```
|
||||||
|
|
||||||
## Additional files
|
## Additional files
|
||||||
|
|
||||||
|
|||||||
@@ -8,4 +8,4 @@ services:
|
|||||||
max-size: "10m"
|
max-size: "10m"
|
||||||
max-file: "10"
|
max-file: "10"
|
||||||
compress: "true"
|
compress: "true"
|
||||||
restart: "${RESTARTPOLICY:-unless-stopped}"
|
restart: "${RESTARTPOLICY:-always}"
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ services:
|
|||||||
soft: ${ULIMIT_NPROC:-65535}
|
soft: ${ULIMIT_NPROC:-65535}
|
||||||
hard: ${ULIMIT_NPROC:-65535}
|
hard: ${ULIMIT_NPROC:-65535}
|
||||||
extends:
|
extends:
|
||||||
file: common-settings.yml
|
file: common-settings.yaml
|
||||||
service: common-settings
|
service: common-settings
|
||||||
ports:
|
ports:
|
||||||
- "63961:8200"
|
- "63961:8200"
|
||||||
@@ -25,6 +25,11 @@ services:
|
|||||||
VAULT_LOCAL_CONFIG: ${VAULT_LOCAL_CONFIG}
|
VAULT_LOCAL_CONFIG: ${VAULT_LOCAL_CONFIG}
|
||||||
VAULT_DEV_ROOT_TOKEN_ID: ${VAULT_DEV_ROOT_TOKEN_ID}
|
VAULT_DEV_ROOT_TOKEN_ID: ${VAULT_DEV_ROOT_TOKEN_ID}
|
||||||
VAULT_DEV_LISTEN_ADDRESS: ${VAULT_DEV_LISTEN_ADDRESS}
|
VAULT_DEV_LISTEN_ADDRESS: ${VAULT_DEV_LISTEN_ADDRESS}
|
||||||
|
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-}
|
||||||
|
AWS_REGION: ${AWS_REGION:-}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-}
|
||||||
|
VAULT_AWSKMS_SEAL_KEY_ID: ${VAULT_AWSKMS_SEAL_KEY_ID:-}
|
||||||
|
VAULT_SEAL_TYPE: ${VAULT_SEAL_TYPE:-}
|
||||||
entrypoint: vault server -config=/vault/config/vault.hcl
|
entrypoint: vault server -config=/vault/config/vault.hcl
|
||||||
networks:
|
networks:
|
||||||
# Variables are not supported in keys, only in values.
|
# Variables are not supported in keys, only in values.
|
||||||
|
|||||||
8
env/fqdn_context.env.example
vendored
8
env/fqdn_context.env.example
vendored
@@ -8,12 +8,16 @@ HASHICORPVAULT_VERSION=latest
|
|||||||
VAULT_DEV_ROOT_TOKEN_ID=your-root-token-here
|
VAULT_DEV_ROOT_TOKEN_ID=your-root-token-here
|
||||||
VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:1234
|
VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:1234
|
||||||
VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}
|
VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}
|
||||||
|
# AWS_ACCESS_KEY_ID=
|
||||||
|
# AWS_REGION=
|
||||||
|
# AWS_SECRET_ACCESS_KEY=
|
||||||
|
# VAULT_AWSKMS_SEAL_KEY_ID=
|
||||||
|
# VAULT_SEAL_TYPE=awskms
|
||||||
|
|
||||||
|
|
||||||
# Feel free to leave defaults. They apply while these vars are commented out
|
# Feel free to leave defaults. They apply while these vars are commented out
|
||||||
# ---
|
# ---
|
||||||
# RESTARTPOLICY=unless-stopped
|
# RESTARTPOLICY=always
|
||||||
# TIMEZONE=Etc/UTC
|
# TIMEZONE=Etc/UTC
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user