fix

data/helpers/init.sh

@@ -6,6 +6,7 @@ unseal_vault() {
   root_token=$(cat /helpers/keys.json | jq -r '.root_token')
 
 	vault operator unseal -address=${VAULT_ADDR} $(cat /helpers/keys.json | jq -r '.keys[0]')
+  vault operator unseal -address=${VAULT_ADDR} $(cat /helpers/keys.json | jq -r '.keys[1]')
 	vault login token=$root_token
 }
 
@@ -15,10 +16,11 @@ then
   unseal_vault
 else
   echo "Vault not initialized"
-  curl -s --request POST --data '{"secret_shares": 1, "secret_threshold": 1}' ${VAULT_ADDR}/v1/sys/init > /helpers/keys.json
+  curl -s --request POST --data '{"secret_shares": 2, "secret_threshold": 2}' ${VAULT_ADDR}/v1/sys/init > /helpers/keys.json
 
   unseal_vault
 
+  # vault secrets enable -version=2 kv
   vault secrets enable -version=2 -path=secret kv
 	vault auth enable kubernetes
 fi

prune.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
 [[ -f data/helpers/keys.json ]] && rm data/helpers/keys.json
-rm -rf $(find data/file/ -maxdepth 1 -type f -name "*" ! -name ".gitkeep")
+find data/file/ -depth -path "data/file/.gitkeep" -o -delete
 
 docker compose down --remove-orphans