diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-admin/vault/files | |
reinit the tree, so we can have metadata
Diffstat (limited to 'app-admin/vault/files')
| -rw-r--r-- | app-admin/vault/files/localhost.json.example | 9 | ||||
| -rw-r--r-- | app-admin/vault/files/vault.confd | 7 | ||||
| -rw-r--r-- | app-admin/vault/files/vault.initd | 19 | ||||
| -rw-r--r-- | app-admin/vault/files/vault.logrotated | 7 | ||||
| -rw-r--r-- | app-admin/vault/files/vault.service | 18 |
5 files changed, 60 insertions, 0 deletions
diff --git a/app-admin/vault/files/localhost.json.example b/app-admin/vault/files/localhost.json.example new file mode 100644 index 000000000000..02c377e424a9 --- /dev/null +++ b/app-admin/vault/files/localhost.json.example @@ -0,0 +1,9 @@ +backend "consul" { + address = "127.0.0.1:8500" + path = "vault" +} + +listener "tcp" { + address = "127.0.0.1:8200" + tls_disable = 1 +} diff --git a/app-admin/vault/files/vault.confd b/app-admin/vault/files/vault.confd new file mode 100644 index 000000000000..6263ff00f911 --- /dev/null +++ b/app-admin/vault/files/vault.confd @@ -0,0 +1,7 @@ +# you can change the init script behavior by setting those parameters +# - group (default: vault) +# - pidfile (default: /run/vault/vault.pid) +# - user (default: vault) + +# extra arguments for the consul agent +command_args="-config=/etc/vault.d" diff --git a/app-admin/vault/files/vault.initd b/app-admin/vault/files/vault.initd new file mode 100644 index 000000000000..d430bb8d39a9 --- /dev/null +++ b/app-admin/vault/files/vault.initd @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 2015-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="vault server" +group=${group:-${RC_SVCNAME}} +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +user=${user:-${RC_SVCNAME}} + +command="/usr/bin/${RC_SVCNAME}" +command_args="server ${command_args}" +command_background="true" +start_stop_daemon_args="--user ${user} --group ${group} \ + --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \ + --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log" + +depend() { + need net +} diff --git a/app-admin/vault/files/vault.logrotated b/app-admin/vault/files/vault.logrotated new file mode 100644 index 000000000000..66b827b9e693 --- /dev/null +++ b/app-admin/vault/files/vault.logrotated @@ -0,0 +1,7 @@ +/var/log/vault/vault.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/app-admin/vault/files/vault.service b/app-admin/vault/files/vault.service new file mode 100644 index 000000000000..3071d0346277 --- /dev/null +++ b/app-admin/vault/files/vault.service @@ -0,0 +1,18 @@ +[Unit] +Description=vault server +Requires=network-online.target +After=network-online.target + +[Service] +User=vault +Environment=VAULT_SERVER_OPTS="-config=/etc/vault.d" +ExecStart=/usr/bin/vault server $VAULT_SERVER_OPTS +CapabilityBoundingSet=CAP_IPC_LOCK +AmbientCapabilities=CAP_IPC_LOCK +Capabilities=CAP_IPC_LOCK=ep +SecureBits=keep-caps +Restart=on-failure +SuccessExitStatus=2 + +[Install] +WantedBy=default.target |