46 lines
1.7 KiB
YAML
46 lines
1.7 KiB
YAML
services:
|
|
hashicorpvault:
|
|
image: "hashicorp/vault:${HASHICORPVAULT_VERSION}"
|
|
container_name: "hashicorpvault-${CONTEXT}"
|
|
cap_add:
|
|
- IPC_LOCK
|
|
networks:
|
|
- hashicorpvault-default
|
|
ulimits:
|
|
nproc: ${ULIMIT_NPROC:-65535}
|
|
nofile:
|
|
soft: ${ULIMIT_NPROC:-65535}
|
|
hard: ${ULIMIT_NPROC:-65535}
|
|
extends:
|
|
file: common-settings.yaml
|
|
service: common-settings
|
|
ports:
|
|
- "63961:8200"
|
|
- "63962:8201"
|
|
volumes:
|
|
- /opt/docker-data/hashicorpvault-${CONTEXT}/data/file:/vault/file
|
|
- /opt/docker-data/hashicorpvault-${CONTEXT}/data/logs:/vault/logs
|
|
- /opt/docker-data/hashicorpvault-${CONTEXT}/config:/vault/config
|
|
environment:
|
|
VAULT_LOCAL_CONFIG: ${VAULT_LOCAL_CONFIG}
|
|
VAULT_DEV_ROOT_TOKEN_ID: ${VAULT_DEV_ROOT_TOKEN_ID}
|
|
VAULT_DEV_LISTEN_ADDRESS: ${VAULT_DEV_LISTEN_ADDRESS}
|
|
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-}
|
|
AWS_REGION: ${AWS_REGION:-}
|
|
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-}
|
|
VAULT_AWSKMS_SEAL_KEY_ID: ${VAULT_AWSKMS_SEAL_KEY_ID:-}
|
|
VAULT_SEAL_TYPE: ${VAULT_SEAL_TYPE:-}
|
|
entrypoint: vault server -config=/vault/config/vault.hcl
|
|
networks:
|
|
# Variables are not supported in keys, only in values.
|
|
# Change static context string manually if need something else
|
|
hashicorpvault-default:
|
|
name: hashicorpvault-${CONTEXT}
|
|
driver: bridge
|
|
driver_opts:
|
|
com.docker.network.enable_ipv6: "false"
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: ${SUBNET}
|