Updated documentation and example

This commit is contained in:
Eric Renfro 2018-05-15 13:51:39 -04:00
parent ab1a3256c5
commit 4b242107a1
Signed by untrusted user who does not match committer: psi-jack
GPG key ID: 14977F3A50D9A5BF
2 changed files with 42 additions and 69 deletions

View file

@ -15,32 +15,31 @@ Available states
``vault`` ``vault``
---------- ----------
Install the vault binary Installs and configures the Vault service.
``vault.server`` ``vault.install``
--------------------- -----------------
Install and configure the vault server Downloads and installs the Vault binary file.
To use it, just include *vault.server* in your *top.sls*, and configure it using pillars: ``vault.config``
----------------
:: Provision the Vault configuration files and sources.
``vault.service``
-----------------
Adds the Vault service startup configuration or script to an operating system.
To start the service during Salt run and enable it at boot time, you need to set the following Pillar:
.. code:: yaml
vault:
service: true
vault:
version: 0.7.0
listen_protocol: tcp
listen_port: 8200
listen_address: 0.0.0.0
tls_disable: 0
default_lease_ttl: 24h
max_lease_ttl: 24h
self_signed_cert:
enabled: false
backend: {}
dev_mode: true
service:
type: systemd
Testing Testing
======= =======

View file

@ -1,51 +1,25 @@
vault: vault:
version: 0.7.0 # Start Vault agent service and enable it at boot time
listen_protocol: tcp service: True
listen_port: 8200
listen_address: 0.0.0.0
tls_disable: 0
tls_cert_file: {}
tls_key_file: {}
default_lease_ttl: 4380h
max_lease_ttl: 43800h
self_signed_cert:
enabled: false
backend: {}
dev_mode: true
secure_download: true
service:
type: upstart
user: root
group: root
hashicorp_gpg_key: |
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQENBFMORM0BCADBRyKO1MhCirazOSVwcfTr1xUxjPvfxD3hjUwHtjsOy/bT6p9f # Set user and group for Vault config files and running service
W2mRPfwnq2JB5As+paL3UGDsSRDnK9KAxQb0NNF4+eVhr/EJ18s3wwXXDMjpIifq user: vault
fIm2WyH3G+aRLTLPIpscUNKDyxFOUbsmgXAmJ46Re1fn8uKxKRHbfa39aeuEYWFA group: vault
3drdL1WoUngvED7f+RnKBK2G6ZEpO+LDovQk19xGjiMTtPJrjMjZJ3QXqPvx5wca
KSZLr4lMTuoTI/ZXyZy5bD4tShiZz6KcyX27cD70q2iRcEZ0poLKHyEIDAi3TM5k version: 0.10.1
SwbbWBFd5RNPOR0qzrb/0p9ksKK48IIfH2FvABEBAAG0K0hhc2hpQ29ycCBTZWN1
cml0eSA8c2VjdXJpdHlAaGFzaGljb3JwLmNvbT6JATgEEwECACIFAlMORM0CGwMG config:
CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEFGFLYc0j/xMyWIIAIPhcVqiQ59n data_dir: /var/lib/vault
Jc07gjUX0SWBJAxEG1lKxfzS4Xp+57h2xxTpdotGQ1fZwsihaIqow337YHQI3q0i listen_protocol: tcp
SqV534Ms+j/tU7X8sq11xFJIeEVG8PASRCwmryUwghFKPlHETQ8jJ+Y8+1asRydi listen_port: 8200
psP3B/5Mjhqv/uOK+Vy3zAyIpyDOMtIpOVfjSpCplVRdtSTFWBu9Em7j5I2HMn1w listen_address: 0.0.0.0
sJZnJgXKpybpibGiiTtmnFLOwibmprSu04rsnP4ncdC2XRD4wIjoyA+4PKgX3sCO tls_disable: 0
klEzKryWYBmLkJOMDdo52LttP3279s7XrkLEE7ia0fXa2c12EQ0f0DQ1tGUvyVEW tls_cert_file: ''
WmJVccm5bq25AQ0EUw5EzQEIANaPUY04/g7AmYkOMjaCZ6iTp9hB5Rsj/4ee/ln9 tls_key_file: ''
wArzRO9+3eejLWh53FoN1rO+su7tiXJA5YAzVy6tuolrqjM8DBztPxdLBbEi4V+j storage:
2tK0dATdBQBHEh3OJApO2UBtcjaZBT31zrG9K55D+CrcgIVEHAKY8Cb4kLBkb5wM type: file
skn+DrASKU0BNIV1qRsxfiUdQHZfSqtp004nrql1lbFMLFEuiY8FZrkkQ9qduixo default_lease_ttl: 4380h
mTT6f34/oiY+Jam3zCK7RDN/OjuWheIPGj/Qbx9JuNiwgX6yRj7OE1tjUx6d8g9y max_lease_ttl: 43800h
0H1fmLJbb3WZZbuuGFnK6qrE3bGeY8+AWaJAZ37wpWh1p0cAEQEAAYkBHwQYAQIA self_signed_cert:
CQUCUw5EzQIbDAAKCRBRhS2HNI/8TJntCAClU7TOO/X053eKF1jqNW4A1qpxctVc enabled: false
z8eTcY8Om5O4f6a/rfxfNFKn9Qyja/OG1xWNobETy7MiMXYjaa8uUx5iFy6kMVaP dev_mode: true
0BXJ59NLZjMARGw6lVTYDTIvzqqqwLxgliSDfSnqUhubGwvykANPO+93BBx89MRG
unNoYGXtPlhNFrAsB1VR8+EyKLv2HQtGCPSFBhrjuzH3gxGibNDDdFQLxxuJWepJ
EK1UbTS4ms0NgZ2Uknqn1WRU1Ki7rE4sTy68iZtWpKQXZEJa0IGnuI2sSINGcXCJ
oEIgXTMyCILo34Fa/C6VCm2WBgz9zZO8/rHIiQm1J5zqz0DrDwKBUM9C
=LYpS
-----END PGP PUBLIC KEY BLOCK-----
hashicorp_key_id: 51852D87348FFC4C