Kubernetes.K3s.installLog/services/Vault
chart-values.yml Delete commit history along with sensitive data 2020-09-01 17:44:43 +02:00
ingressRoute-Vault.yml Housekeeping 2020-12-08 08:54:12 +01:00
persistentVolume-Vault.yml Fix filename consistency 2020-11-10 17:37:52 +01:00
README.md Vault--(reference docs left);SealedSecrets++ 2022-01-09 20:16:16 +01:00

1) HashiCorp Vault

Not currently in use (Bitnami sealed-secrets is used instead); left for reference.

1.1) Create persistentVolume and ingressRoute

Requires specifying a uid & gid in the flexvolSMB-persistentVolume

kubectl create namespace vault
kubectl apply -f services/Vault/persistentVolume-Vault.yml
kubectl apply -f services/Vault/ingressRoute-Vault.yml

1.2) Install Helm Chart

REMOVED; left for reference. See HashiCorp Vault:

helm repo add hashicorp https://helm.releases.hashicorp.com
helm repo update
helm install vault hashicorp/vault --namespace vault --values=services/Vault/chart-values.yml

Configure Vault for use:

# kubectl exec -n vault -it vault-0 -- sh

# It might be necessary to first login with an existing token:
# vault login

cat <<EOF > /home/vault/app-policy.hcl
path "secret*" {
  capabilities = ["read"]
}
EOF

vault secrets enable -path=secret -version=2 kv
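
The policy above grants read on `secret*`. Vault treats a trailing `*` as a prefix match, so the rule also covers any other mount or path whose name begins with `secret`, and on a KV v2 mount the data sits under `secret/data/`. The shell lint below is an added example, not part of the original README, and flags such globs in policy files. The `app` subtree, the file names and the verdict labels are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original README. Lints Vault policy files for
# path globs that reach beyond one KV v2 subtree. Assumes the KV v2 mount at
# "secret" from this page; the "app" subtree and file names are hypothetical.

# Classify one policy path pattern (verdict labels are this example's own).
check_path() {
  case $1 in
    \*|*[!/]\*) echo "prefix-glob" ;;    # "secret*" also matches "secrets-x/..."
    */data/*|*/metadata/*) echo "ok" ;;  # scoped to a KV v2 API subtree
    */\*) echo "whole-mount" ;;          # "secret/*": every endpoint of the mount
    *) echo "ok" ;;                      # exact path, no glob
  esac
}

# Audit every path stanza in a policy file; return 1 if any finding.
audit_policy() {
  rc=0
  paths=$(sed -n 's/^[[:space:]]*path[[:space:]]*"\([^"]*\)".*/\1/p' "$1")
  while IFS= read -r p; do
    [ -n "$p" ] || continue
    verdict=$(check_path "$p")
    [ "$verdict" = "ok" ] || { echo "$1: path \"$p\": $verdict"; rc=1; }
  done <<EOF
$paths
EOF
  return $rc
}

# Constructed sample policies: the README's broad rule and a scoped alternative.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'path "secret*" {\n  capabilities = ["read"]\n}\n' > "$tmp/broad.hcl"
printf 'path "secret/data/app/*" {\n  capabilities = ["read"]\n}\n' > "$tmp/scoped.hcl"

audit_policy "$tmp/broad.hcl" || echo "broad.hcl needs tightening"
audit_policy "$tmp/scoped.hcl" && echo "scoped.hcl passes"
```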