Kazuhiro MUSASHI
|
a955001416
|
Add firewall settings for `Vault`.
|
2024-07-15 21:39:00 +09:00 |
Kazuhiro MUSASHI
|
e21fa08291
|
Deploy `/etc/vault.d/vault.env` to enable AWS KMS.
|
2024-07-15 21:28:07 +09:00 |
Kazuhiro MUSASHI
|
44ca217183
|
Reload the config after updating the config file.
|
2024-07-15 21:27:23 +09:00 |
Kazuhiro MUSASHI
|
7d65474067
|
Change mode of `/etc/vault.d/vault.hcl`.
|
2024-07-15 18:49:42 +09:00 |
Kazuhiro MUSASHI
|
d11206e3c2
|
Change `Vault` IP addresses.
|
2024-07-15 18:48:40 +09:00 |
Kazuhiro MUSASHI
|
450426b12a
|
Expliciyly specify the owner and group for `/etc/apt/sources.list.d/hashicorp.list`.
|
2024-06-10 11:55:15 +09:00 |
Kazuhiro MUSASHI
|
6fe04fdaa0
|
Add cases for Ubuntu 24.04.
|
2024-05-06 17:08:42 +09:00 |
Kazuhiro MUSASHI
|
2063cf2f6c
|
Update HashiCorp APT sources.
|
2024-04-28 12:13:35 +09:00 |
Kazuhiro MUSASHI
|
feb2ed45ad
|
Use `ip` command when Ubuntu 22.04.
|
2024-04-27 14:58:10 +09:00 |
Kazuhiro MUSASHI
|
cca3bc93d3
|
Update Hashicorp apt sources.
|
2024-04-06 17:31:12 +09:00 |
Kazuhiro MUSASHI
|
6f18eed04e
|
Change the public key of HashiCorp apt key.
|
2023-01-28 10:34:54 +09:00 |
Kazuhiro MUSASHI
|
bc2f8128ff
|
`apt update`コマンドの実行回数を減らす
|
2022-08-11 12:21:39 +09:00 |
Kazuhiro MUSASHI
|
37d51b5ed5
|
Create `/etc/vault.d/agent` & `/etc/vault.d/tokens` directory.
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'
include_recipe './install.rb'
+%w( agent tokens ).each do |d|
+ directory "/etc/vault.d/#{d}" do
+ owner 'vault'
+ group 'vault'
+ mode '0755'
+ end
+end
+
if node['vault']['manager']
include_recipe './setup.rb'
end
```
|
2022-07-10 16:22:28 +09:00 |
Kazuhiro MUSASHI
|
4455fe6b62
|
Deploy `/etc/logrotate.d/vault`.
|
2022-07-02 11:40:31 +00:00 |
Kazuhiro MUSASHI
|
3bd4973c90
|
Deploy `Vault` policies.
|
2022-03-13 21:48:27 +09:00 |
Kazuhiro MUSASHI
|
cf79f30c4d
|
Create `/etc/vault.d/policies/`.
|
2022-03-13 21:46:00 +09:00 |
Kazuhiro MUSASHI
|
da78e76d19
|
Deploy `/etc/vault.d/vault.hcl`.
|
2022-03-13 21:45:36 +09:00 |
Kazuhiro MUSASHI
|
7681522b6b
|
Specify the default `Vault` managers.
```
--- a/cookbooks/vault/attributes.rb
+++ b/cookbooks/vault/attributes.rb
@@ -21,5 +21,6 @@ node.reverse_merge!({
'manager' => false,
'ipaddr' => ipaddr,
'hostname' => hostname,
+ 'ips' => ['192.168.10.141', '192.168.10.142', '192.168.10.143'],
}
})
```
|
2022-03-13 21:45:17 +09:00 |
Kazuhiro MUSASHI
|
67fab4951a
|
Retrieve hostname.
|
2022-03-13 21:45:01 +09:00 |
Kazuhiro MUSASHI
|
6fa35a923b
|
Retrieve IP address.
|
2022-03-13 21:44:18 +09:00 |
Kazuhiro MUSASHI
|
a917563b06
|
Conduct setup procedures, when explicitly requested.
|
2022-03-13 21:43:52 +09:00 |
Kazuhiro MUSASHI
|
28e3f21141
|
Install `Vault`.
|
2022-03-12 11:59:44 +00:00 |