Commit Graph

22 Commits

Author SHA1 Message Date
Kazuhiro MUSASHI a955001416 Add firewall settings for `Vault`. 2024-07-15 21:39:00 +09:00
Kazuhiro MUSASHI e21fa08291 Deploy `/etc/vault.d/vault.env` to enable AWS KMS. 2024-07-15 21:28:07 +09:00
Kazuhiro MUSASHI 44ca217183 Reload the config after updating the config file. 2024-07-15 21:27:23 +09:00
Kazuhiro MUSASHI 7d65474067 Change mode of `/etc/vault.d/vault.hcl`. 2024-07-15 18:49:42 +09:00
Kazuhiro MUSASHI d11206e3c2 Change `Vault` IP addresses. 2024-07-15 18:48:40 +09:00
Kazuhiro MUSASHI 450426b12a Expliciyly specify the owner and group for `/etc/apt/sources.list.d/hashicorp.list`. 2024-06-10 11:55:15 +09:00
Kazuhiro MUSASHI 6fe04fdaa0 Add cases for Ubuntu 24.04. 2024-05-06 17:08:42 +09:00
Kazuhiro MUSASHI 2063cf2f6c Update HashiCorp APT sources. 2024-04-28 12:13:35 +09:00
Kazuhiro MUSASHI feb2ed45ad Use `ip` command when Ubuntu 22.04. 2024-04-27 14:58:10 +09:00
Kazuhiro MUSASHI cca3bc93d3 Update Hashicorp apt sources. 2024-04-06 17:31:12 +09:00
Kazuhiro MUSASHI 6f18eed04e Change the public key of HashiCorp apt key. 2023-01-28 10:34:54 +09:00
Kazuhiro MUSASHI bc2f8128ff `apt update`コマンドの実行回数を減らす 2022-08-11 12:21:39 +09:00
Kazuhiro MUSASHI 37d51b5ed5 Create `/etc/vault.d/agent` & `/etc/vault.d/tokens` directory.
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'

 include_recipe './install.rb'

+%w( agent tokens ).each do |d|
+  directory "/etc/vault.d/#{d}" do
+    owner 'vault'
+    group 'vault'
+    mode '0755'
+  end
+end
+
 if node['vault']['manager']
   include_recipe './setup.rb'
 end
```
2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 4455fe6b62 Deploy `/etc/logrotate.d/vault`. 2022-07-02 11:40:31 +00:00
Kazuhiro MUSASHI 3bd4973c90 Deploy `Vault` policies. 2022-03-13 21:48:27 +09:00
Kazuhiro MUSASHI cf79f30c4d Create `/etc/vault.d/policies/`. 2022-03-13 21:46:00 +09:00
Kazuhiro MUSASHI da78e76d19 Deploy `/etc/vault.d/vault.hcl`. 2022-03-13 21:45:36 +09:00
Kazuhiro MUSASHI 7681522b6b Specify the default `Vault` managers.
```
--- a/cookbooks/vault/attributes.rb
+++ b/cookbooks/vault/attributes.rb
@@ -21,5 +21,6 @@ node.reverse_merge!({
     'manager' => false,
     'ipaddr' => ipaddr,
     'hostname' => hostname,
+    'ips' => ['192.168.10.141', '192.168.10.142', '192.168.10.143'],
   }
 })
```
2022-03-13 21:45:17 +09:00
Kazuhiro MUSASHI 67fab4951a Retrieve hostname. 2022-03-13 21:45:01 +09:00
Kazuhiro MUSASHI 6fa35a923b Retrieve IP address. 2022-03-13 21:44:18 +09:00
Kazuhiro MUSASHI a917563b06 Conduct setup procedures, when explicitly requested. 2022-03-13 21:43:52 +09:00
Kazuhiro MUSASHI 28e3f21141 Install `Vault`. 2022-03-12 11:59:44 +00:00