Last active
July 24, 2020 19:31
-
-
Save kaparora/e73b44e37a51303d5fd7b2e29424a241 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo apt update && sudo apt install -y unzip | |
| VAULT_ZIP="vault.zip" | |
| VAULT_URL="https://releases.hashicorp.com/vault/1.4.3+ent/vault_1.4.3+ent_linux_amd64.zip" | |
| curl --silent --output /tmp/$${VAULT_ZIP} $${VAULT_URL} | |
| unzip -o /tmp/$${VAULT_ZIP} -d /usr/local/bin/ | |
| chmod 0755 /usr/local/bin/vault | |
| chown azureuser:azureuser /usr/local/bin/vault | |
| mkdir -pm 0755 /etc/vault.d | |
| mkdir -pm 0755 /opt/vault | |
| chown azureuser:azureuser /opt/vault | |
| cat << EOF > /lib/systemd/system/vault.service | |
| [Unit] | |
| Description=Vault Agent | |
| Requires=network-online.target | |
| After=network-online.target | |
| [Service] | |
| Restart=on-failure | |
| PermissionsStartOnly=true | |
| ExecStartPre=/sbin/setcap 'cap_ipc_lock=+ep' /usr/local/bin/vault | |
| ExecStart=/usr/local/bin/vault agent -config /etc/vault.d/config.hcl | |
| ExecReload=/bin/kill -HUP $MAINPID | |
| KillSignal=SIGTERM | |
| User=azureuser | |
| Group=azureuser | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF | |
| sudo chmod 0664 /lib/systemd/system/vault.service | |
| systemctl daemon-reload | |
| sudo chown -R azureuser:azureuser /etc/vault.d | |
| sudo chmod -R 0644 /etc/vault.d/* | |
| systemctl enable vault | |
| systemctl start vault |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment