vault sysvinit config

vault.sysvinit

#!/bin/bash
#
# vault        Manage the Vault server
#       
# chkconfig:   2345 95 95
# description: Hashicorp Vault is a secrets management tool
# processname: vault
# config: /etc/vault.conf
# pidfile: /var/run/vault.pid

### BEGIN INIT INFO
# Provides:       vault
# Required-Start: $local_fs $network
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop:  0 1 6
# Short-Description: Manage the vault agent
# Description: Hashicorp Vault is a secrets management tool
### END INIT INFO

# source function library
. /etc/rc.d/init.d/functions

prog="vault"
user="vault"
exec="/usr/local/bin/$prog"
pidfile="/var/run/$prog.pid"
lockfile="/var/lock/subsys/$prog"
logfile="/var/log/$prog"
confdir="/etc/vault.d"

# pull in sysconfig settings
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

export GOMAXPROCS=${GOMAXPROCS:-2}

start() {
    [ -x $exec ] || exit 5
    
    [ -d $confdir ] || exit 6

    umask 077

    touch $logfile $pidfile
    chown $user:$user $logfile $pidfile

    echo -n $"Starting $prog: "
    
    daemon \
        --pidfile=$pidfile \
        --user=vault \
        " { $exec server -config=$confdir/vault.hcl &>> $logfile & } ; echo \$! >| $pidfile "
    
    RETVAL=$?
    echo
    
    [ $RETVAL -eq 0 ] && touch $lockfile
    
    echo -n $"Waiting for Vault ready: "
    
    ## wait up to 60s for the rpc port to become listened-upon
    count=0
    ready=0
    pid=$( cat ${pidfile} )
    while checkpid ${pid} && [ $count -lt 60 ] && [ $ready -ne 1 ]; do
        count=$(( count + 1 ))
        
        if netstat -lptn | egrep -q ":8200.*LISTEN +${pid}/" ; then
            ready=1
        else
            sleep 1
        fi
    done
    
    if [ $ready -eq 1 ]; then
        RETVAL=0
        success
    else
        RETVAL=1
        failure
    fi
    
    echo    
    return $RETVAL
}

stop() {
    echo -n $"Shutting down $prog: "
    
    ## graceful shutdown with leave
    $exec leave &> /dev/null
    RETVAL=$?
    
    ## wait up to 10s for the daemon to exit
    if [ $RETVAL -eq 0 ]; then
        count=0
        stopped=0
        pid=$( cat ${pidfile} )
        while [ $count -lt 10 ] && [ $stopped -ne 1 ]; do
            count=$(( count + 1 ))
            
            if ! checkpid ${pid} ; then
                stopped=1
            else
                sleep 1
            fi
        done
        
        if [ $stopped -ne 1 ]; then
            RETVAL=125
        fi
    fi
    
    if [ $RETVAL -eq 0 ]; then
        success
        rm -f $lockfile $pidfile
    else
        failure
    fi

    echo
    return $RETVAL
}

restart() {
    stop
    start
}

reload() {
    echo -n $"Reloading $prog: "
    killproc -p $pidfile $exec -HUP
    echo
}

force_reload() {
    restart
}

rh_status() {
    status -p "$pidfile" -l $prog $exec
    
    RETVAL=$?
    
    [ $RETVAL -eq 0 ] && $exec members
    
    return $RETVAL
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
        exit 2
esac

exit $?