29 lines
720 B
Bash
29 lines
720 B
Bash
apk add jq curl
|
|
|
|
VAULT_HOST=0.0.0.0:8200
|
|
|
|
root_token=$(cat /helpers/keys.json | jq -r '.root_token')
|
|
|
|
unseal_vault() {
|
|
export VAULT_TOKEN=$root_token
|
|
vault operator unseal -address=${VAULT_HOST} $(cat /helpers/keys.json | jq -r '.keys[0]')
|
|
vault login token=$VAULT_TOKEN
|
|
}
|
|
|
|
if [[ -n "$root_token" ]]
|
|
then
|
|
echo "Vault already initialized"
|
|
unseal_vault
|
|
else
|
|
echo "Vault not initialized"
|
|
curl -s --request POST --data '{"secret_shares": 1, "secret_threshold": 1}' http://${VAULT_HOST}/v1/sys/init > /helpers/keys.json
|
|
root_token=$(cat /helpers/keys.json | jq -r '.root_token')
|
|
|
|
unseal_vault
|
|
|
|
vault secrets enable -version=2 kv
|
|
vault auth enable kubernetes
|
|
fi
|
|
|
|
printf "\n\nVAULT_TOKEN=%s\n\n" $VAULT_TOKEN
|