Further reorg and cleanup

2018-05-15 02:13:54 -04:00 · 2018-05-15 02:13:54 -04:00 · c0556e840f
commit c0556e840f
parent 2960b715fd
5 changed files with 17 additions and 16 deletions
--- a/vault/defaults.yaml
+++ b/vault/defaults.yaml
@ -17,7 +17,8 @@ vault:
    tls_key_file: ''
    default_lease_ttl: 24h
    max_lease_ttl: 24h
    self_signed_cert:
      enabled: false
    backend: {}
    dev_mode: false
  self_signed_cert:
    enabled: false
--- a/vault/files/config.hcl
+++ b/vault/files/config.hcl
@ -3,14 +3,14 @@
 listener "{{ vault.config.listen_protocol }}" {
  address = "{{ vault.config.listen_address }}:{{ vault.config.listen_port }}"
  tls_disable = {{ vault.config.tls_disable }}
-{%- if vault.config.self_signed_cert.enabled %}
+{%- if vault.self_signed_cert.enabled %}
-  tls_cert_file = "/etc/vault/{{ vault.config.self_signed_cert.hostname }}.pem"
+  tls_cert_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}.pem"
-  tls_key_file = "/etc/vault/{{ vault.config.self_signed_cert.hostname }}-nopass.key"
+  tls_key_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}-nopass.key"
 {% else -%}
-{%- if vault.tls_cert_file %}
+{%- if vault.config.tls_cert_file %}
  tls_cert_file = "{{ vault.config.tls_cert_file }}"
 {% endif -%}
-{%- if vault.tls_key_file %}
+{%- if vault.config.tls_key_file %}
  tls_key_file = "{{ vault.config.tls_key_file }}"
 {% endif -%}
 {% endif %}
--- a/vault/files/vault.service
+++ b/vault/files/vault.service
@ -1,14 +1,14 @@
-{%- from "vault/map.jinja" import vault with context -%}
+{%- from slspath + '/map.jinja' import vault with context -%}
 [Unit]
 Description=vault server
 Requires=network-online.target
-After=network-online.target{% if vault.storage and vault.storage.type == "consul" %} consul.service{% endif %}
+After=network-online.target{% if vault.config.storage and vault.config.storage.type == "consul" %} consul.service{% endif %}
 [Service]
 EnvironmentFile=-/etc/sysconfig/vault
-User={{ vault.user }}
+User={{ user }}
-Group={{ vault.group }}
+Group={{ group }}
-ExecStart=/usr/local/bin/vault server {% if vault.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
+ExecStart=/usr/local/bin/vault server {% if vault.config.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
 ExecReload=/bin/kill -signal HUP $MAINPID
 ExecStop=/usr/local/bin/vault operator step-down
 Restart=on-failure
--- a/vault/files/vault.sysvinit
+++ b/vault/files/vault.sysvinit
@ -5,7 +5,7 @@
 # chkconfig:   2345 95 95
 # description: Vault is a tool for service discovery and configuration
 # processname: vault
-# config: /etc/vault.conf
+# config: /etc/vault.d/config.hcl
 # pidfile: /var/run/vault.pid
 ### BEGIN INIT INFO
--- a/vault/files/vault.upstart
+++ b/vault/files/vault.upstart
@ -1,4 +1,4 @@
-{%- from "vault/map.jinja" import vault with context -%}
+{%- from slspath + '/map.jinja' import vault with context -%}
 description "Vault server"
 start on (runlevel [345] and started network)
@ -15,10 +15,10 @@ script
  export GOMAXPROCS=`nproc`
  exec /usr/local/bin/vault server \
-{%- if vault.dev_mode %}
+{%- if vault.config.dev_mode %}
    -dev \
 {% else %}
-    -config="/etc/vault/config/server.hcl" \
+    -config="/etc/vault.d/config.hcl" \
 {% endif -%}
    >>/var/log/vault.log 2>&1
 end script