Skip to content

Instantly share code, notes, and snippets.

@ASangave

ASangave/vault config node 1

Created December 15, 2022 09:33
Show Gist options
  • Save ASangave/5ed949859034723406290e43245212d8 to your computer and use it in GitHub Desktop.
Save ASangave/5ed949859034723406290e43245212d8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
vault config node 1
### Node 1 ###
[user@node1 vault.d]$ cat vault.hcl
storage "raft" {
path = "/opt/raft"
node_id = "node1"
retry_join
{
leader_api_addr = "https://node2.int.us-west-1-dev.lyvecloud.seagate.com:8200"
leader_ca_cert_file = "/etc/vault.d/ssl/tls_ca.pem"
leader_client_cert_file = "/etc/vault.d/ssl/tls.crt"
leader_client_key_file = "/etc/vault.d/ssl/tls.key"
}
retry_join
{
leader_api_addr = "https://node3.int.us-west-1-dev.lyvecloud.seagate.com:8200"
leader_ca_cert_file = "/etc/vault.d/ssl/tls_ca.pem"
leader_client_cert_file = "/etc/vault.d/ssl/tls.crt"
leader_client_key_file = "/etc/vault.d/ssl/tls.key"
}
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = false
tls_cert_file = "/etc/vault.d/ssl/tls.crt"
tls_key_file = "/etc/vault.d/ssl/tls.key"
tls_client_ca_file = "/etc/vault.d/ssl/tls_ca.pem"
tls_cipher_suites = "TLS_TEST_128_GCM_SHA256,
TLS_TEST_128_GCM_SHA256,
TLS_TEST20_POLY1305,
TLS_TEST_256_GCM_SHA384,
TLS_TEST20_POLY1305,
TLS_TEST_256_GCM_SHA384"
}
api_addr = "https://node1.int.us-west-1-dev.lyvecloud.seagate.com:8200"
cluster_addr = "https://node1.int.us-west-1-dev.lyvecloud.seagate.com:8201"
disable_mlock = true
ui = true
log_level = "trace"
disable_cache = true
cluster_name = "POC"
# Enterprise license_path
# This will be required for enterprise as of v1.8
license_path = "/etc/vault.d/vault.hclic"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment