Note: This project started becuase I wanted to have a local instance of vault to test a few vault utilities. The second goal was to see if I could automate as much of the install as possible.
This is all done in bash and terraform.
| script | description |
|---|---|
| start_vault.sh | main script to start and configure vault. This script call a few other scripts and then terraform |
| vault_init.out | test to see if vault has need initialized. If not, it run the vault operator init command and output to json format and piped to a file |
| vault_unseal.sh | reads the output file using cat and jq and passes the keys into vault unseal in a for loop |
| vault_login.sh | logs in to vault using the root token |
| cleanup.sh | destroies all the terraform state objects, then shutsdown dockers, and finally deletes the ~/volumes directory. This does destroy the vault instance |
| terraform file | description |
|---|---|
| main.tf | the main terraform control file |
| auth.tf | configures auth/userpass and auth users |
| policies.tf | configure the policies |
| secrets | creates a few secrets for the tests |
https://blog.ruanbekker.com/blog/2019/05/06/setup-hashicorp-vault-server-on-docker-and-cli-guide/
# clone this repo
git clone https://github.com/mickmill54/vault_server_docker.git
cd vault_server_docker
# Make sure the following are installed.
- docker
- vault
- terraform
- jq
# Note: I only tested this on macOS
# startup
./start_vault.sh
# shutdown and cleanup
./cleanup.sh