pub/vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Vassiliy Yegorov
2022-07-29 11:15:49 +07:00
parent 79bcb399f8
commit eebc8ac2af
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
data/helpers/init.sh
View File

@@ -6,6 +6,7 @@ unseal_vault() {
root_token=$(cat /helpers/keys.json | jq -r '.root_token') root_token=$(cat /helpers/keys.json | jq -r '.root_token')
vault operator unseal -address=${VAULT_ADDR} $(cat /helpers/keys.json | jq -r '.keys[0]') vault operator unseal -address=${VAULT_ADDR} $(cat /helpers/keys.json | jq -r '.keys[0]')
vault operator unseal -address=${VAULT_ADDR} $(cat /helpers/keys.json | jq -r '.keys[1]')
vault login token=$root_token vault login token=$root_token
} }
@@ -15,10 +16,11 @@ then
unseal_vault unseal_vault
else else
echo "Vault not initialized" echo "Vault not initialized"
curl -s --request POST --data '{"secret_shares": 1, "secret_threshold": 1}' ${VAULT_ADDR}/v1/sys/init > /helpers/keys.json curl -s --request POST --data '{"secret_shares": 2, "secret_threshold": 2}' ${VAULT_ADDR}/v1/sys/init > /helpers/keys.json
unseal_vault unseal_vault
# vault secrets enable -version=2 kv
vault secrets enable -version=2 -path=secret kv vault secrets enable -version=2 -path=secret kv
vault auth enable kubernetes vault auth enable kubernetes
fi fi

2
prune.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
[[ -f data/helpers/keys.json ]] && rm data/helpers/keys.json [[ -f data/helpers/keys.json ]] && rm data/helpers/keys.json
rm -rf $(find data/file/ -maxdepth 1 -type f -name "*" ! -name ".gitkeep") find data/file/ -depth -path "data/file/.gitkeep" -o -delete
docker compose down --remove-orphans docker compose down --remove-orphans