sprouting.cloud/ansible_role_package
Public Access
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix vault config.hcl.j2

Browse Source
This commit is contained in:
Matthew Stobbs
2025-03-23 14:04:51 -06:00
parent 10e7bd9d1b
commit 404029d5dc
2 changed files with 44 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
files/vault/Alpine/openrc
View File

@@ -1,9 +1,10 @@
#!/sbin/openrc-run #!/sbin/openrc-run
capabilities="cap_ipd_lock=+ep"
command="/usr/local/bin/vault" command="/usr/local/bin/vault"
command_group="vault" command_user="vault:vault"
command_user="vault" command_background=true
capabilities="^cap_chown,^cap_ipc_lock"
pidfile="/var/run/${RC_SVCNAME}.pid"
# args # args
config_args="-config=/etc/$RC_SVCNAME/config.hcl" config_args="-config=/etc/$RC_SVCNAME/config.hcl"
@@ -20,31 +21,39 @@ depend() {
start_pre() { start_pre() {
checkpath --directory \ checkpath --directory \
--owner $command_user:$command_group \ --owner $command_user \
--mode 0755 \ --mode 0755 \
/run/$RC_SVCNAME /var/log/$RC_SVCNAME /var/log/$RC_SVCNAME
}
start() {
ebegin "Starting $RC_SVCNAME"
start-stop-daemon --start \
--exec $command \
--capabilities $capabilities \
--make-pidfile \
--pidfile /var/run/$RC_SVCNAME.pid \
--user $command_user:$command_group \
-- \
$command_args
eend $?
}
stop() {
ebegin "Stopping $RC_SVCNAME"
start-stop-daemon --stop \
--exec $command \
--pidfile /var/run/$RC_SVCNAME.pid
eend $?
} }
#
# start() {
# ebegin "Starting $RC_SVCNAME"
# start-stop-daemon --start \
# --exec $command \
# --capabilities $capabilities \
# --make-pidfile \
# --pidfile /var/run/$RC_SVCNAME.pid \
# --user $command_user:$command_group \
#
# -- \
# $command_args
#
# eend $?
# }
#
# stop() {
# ebegin "Stopping $RC_SVCNAME"
# start-stop-daemon --stop \
# --exec $command \
# --pidfile /var/run/$RC_SVCNAME.pid
#
# eend $?
# }
#
# restart() {
# ebegin "Restarting $RC_SVCNAME"
# stop()
# start()
# eend $?
# }
# vim: set filetype=sh : # vim: set filetype=sh :

9
templates/vault/config.hcl.j2
View File

@@ -1,9 +1,14 @@
ui = {{ ui | default(true) }} ui = {{ ui | default('true') }}
cluster_addr = "https://{{ ansible_default_ipv4.address }}:{{ cluster_port | default('8201') }}" cluster_addr = "https://{{ ansible_default_ipv4.address }}:{{ cluster_port | default('8201') }}"
api_addr = "https://{{ansible_default_ipv4.address }}:{{ api_port | default('8200') }}" api_addr = "https://{{ansible_default_ipv4.address }}:{{ api_port | default('8200') }}"
disable_mlock = {{ disable_mlock | default(true) }} disable_mlock = {{ disable_mlock | default('true') }}
storage "raft" { storage "raft" {
path = "{{ raft_path | default('/var/lib/vault/data') }}" path = "{{ raft_path | default('/var/lib/vault/data') }}"
node_id = "{{ raft_node_id | default(ansible_hostname) }}" node_id = "{{ raft_node_id | default(ansible_hostname) }}"
} }
listener "tcp" {
address = "{{ ansible_default_ipv4.address }}:{{ api_port | default('8200') }}"
cluster_address = "{{ ansible_default_ipv4.address }}:{{ cluster_port | default('8201') }}"
}