From c3968b3404a1dafd404aa51a112c43d33beb899a Mon Sep 17 00:00:00 2001
From: kev
Date: Sat, 18 Jul 2015 15:30:30 +0800
Subject: [PATCH] add vault
---
vault/Dockerfile | 26 ++++++++++++++++++++++++++
vault/README.md | 9 +++++++++
vault/docker-compose.yml | 12 ++++++++++++
vault/vault.hcl | 8 ++++++++
4 files changed, 55 insertions(+)
create mode 100644 vault/Dockerfile
create mode 100644 vault/README.md
create mode 100644 vault/docker-compose.yml
create mode 100644 vault/vault.hcl
diff --git a/vault/Dockerfile b/vault/Dockerfile
new file mode 100644
index 0000000..44a9ccd
--- /dev/null
+++ b/vault/Dockerfile
@@ -0,0 +1,26 @@
+#
+# Dockerfile for vault
+#
+
+FROM apline
+MAINTAINER kev
+
+ENV VAULT_VER 0.2.0
+ENV VAULT_URL http://dl.bintray.com/mitchellh/vault/vault_${VAULT_VER}_linux_amd64.zip
+ENV VAULT_MD5 0ba0029ddccb737cd2dbb1f018136535
+ENV VAULT_FILE vault.zip
+ENV VAULT_ADDR http://127.0.0.1:8200
+
+RUN wget -O $VAULT_FILE $VAULT_URL \
+ && echo "$VAULT_MD5 $VAULT_FILE" | md5sum -c \
+ && unzip $VAULT_FILE -d /usr/bin/ \
+ && chmod +x /usr/bin/vault \
+ && rm $VAULT_FILE
+
+COPY vault.hcl /etc/
+
+VOLUME /var/lib/vault
+
+EXPOSE 8200
+
+CMD ["vault", "server", "-config", "/etc/vault.hcl"]
diff --git a/vault/README.md b/vault/README.md
new file mode 100644
index 0000000..d31e0ad
--- /dev/null
+++ b/vault/README.md
@@ -0,0 +1,9 @@
+vault
+=====
+
+[`Vault`][1] is a tool for securely accessing secrets. A secret is anything
+that you want to tightly control access to, such as API keys, passwords,
+certificates, and more. Vault provides a unified interface to any secret, while
+providing tight access control and recording a detailed audit log.
+
+[1]: https://www.vaultproject.io/
diff --git a/vault/docker-compose.yml b/vault/docker-compose.yml
new file mode 100644
index 0000000..17e9f97
--- /dev/null
+++ b/vault/docker-compose.yml
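Review bot: In vault/Dockerfile, `FROM apline` looks like a misspelling of `alpine` and carries no tag, so the build will either fail or pull whatever image answers to that name; use `FROM alpine:<pinned-tag>`, ideally with a digest. The `RUN` step also downloads the Vault zip over plain `http://` and checks it only against an MD5 value, which is weak integrity protection for a binary that will hold secrets. Prefer an `https://` release URL and a SHA-256 check such as `echo "<sha256-of-release-zip>  $VAULT_FILE" | sha256sum -c`. The image also has no `USER` instruction, so `vault server` runs as root; a dedicated account that owns `/var/lib/vault` would limit the impact of a compromise.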
@@ -0,0 +1,12 @@
+data:
+ image: busybox
+ volumes:
+ - /var/lib/vault
+
+vault:
+ image: vimagick/vault
+ ports:
+ - "8200:8200"
+ volumes-from:
+ - data
+ restart: always
diff --git a/vault/vault.hcl b/vault/vault.hcl
new file mode 100644
index 0000000..756e590
--- /dev/null
+++ b/vault/vault.hcl
@@ -0,0 +1,8 @@
+backend "file" {
+ path = "/var/lib/vault"
+}
+
+listener "tcp" {
+ address = "0.0.0.0:8200"
+ tls_disable = 1
+}
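Review bot: The `- "8200:8200"` mapping in vault/docker-compose.yml publishes the Vault API on every host interface, while the listener added in vault/vault.hcl sets `tls_disable = 1` on `0.0.0.0:8200`, so tokens and secret values would cross the network in cleartext. Until TLS is configured, bind the published port to loopback with `- "127.0.0.1:8200:8200"`. For anything beyond local testing, replace `tls_disable = 1` with `tls_cert_file` and `tls_key_file` entries in the listener, and change `VAULT_ADDR` in the Dockerfile to `https://`. `image: vimagick/vault` is also untagged, so a deployment cannot tell which Vault build it is running; pin a version tag.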