add vault

2025-03-19 21:10:21 +02:00 · 2015-07-18 15:30:30 +08:00 · 2015-07-18 15:30:30 +08:00 · c3968b3404
commit c3968b3404
parent b86d12929d
4 changed files with 55 additions and 0 deletions
--- a/vault/Dockerfile
+++ b/vault/Dockerfile
@ -0,0 +1,26 @@
+#
+# Dockerfile for vault
+#
+
+FROM apline
+MAINTAINER kev <noreply@datageek.info>
+
+ENV VAULT_VER 0.2.0
+ENV VAULT_URL http://dl.bintray.com/mitchellh/vault/vault_${VAULT_VER}_linux_amd64.zip
+ENV VAULT_MD5 0ba0029ddccb737cd2dbb1f018136535
+ENV VAULT_FILE vault.zip
+ENV VAULT_ADDR http://127.0.0.1:8200
+
+RUN wget -O $VAULT_FILE $VAULT_URL \
+    && echo "$VAULT_MD5  $VAULT_FILE" | md5sum -c \
+    && unzip $VAULT_FILE -d /usr/bin/ \
+    && chmod +x /usr/bin/vault \
+    && rm $VAULT_FILE
+
+COPY vault.hcl /etc/
+
+VOLUME /var/lib/vault
+
+EXPOSE 8200
+
+CMD ["vault", "server", "-config", "/etc/vault.hcl"]
--- a/vault/README.md
+++ b/vault/README.md
@ -0,0 +1,9 @@
+vault
+=====
+
+[`Vault`][1] is a tool for securely accessing secrets. A secret is anything
+that you want to tightly control access to, such as API keys, passwords,
+certificates, and more. Vault provides a unified interface to any secret, while
+providing tight access control and recording a detailed audit log.
+
+[1]: https://www.vaultproject.io/
--- a/vault/docker-compose.yml
+++ b/vault/docker-compose.yml
@ -0,0 +1,12 @@
+data:
+  image: busybox
+  volumes:
+    - /var/lib/vault
+
+vault:
+  image: vimagick/vault
+  ports:
+    - "8200:8200"
+  volumes-from:
+    - data
+  restart: always
--- a/vault/vault.hcl
+++ b/vault/vault.hcl
@ -0,0 +1,8 @@
+backend "file" {
+  path = "/var/lib/vault"
+}
+
+listener "tcp" {
+  address = "0.0.0.0:8200"
+  tls_disable = 1
+}