Created
October 2, 2019 10:07
-
-
Save melkorm/25ce9f0d3840d29caa3491a47129e00f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
docker run --rm --privileged \ | |
-e "VAULT_ADDR=http://0.0.0.0:8202" \ | |
-v $(pwd):/home/vault/ \ | |
--network host vault:1.0.1 \ | |
secrets enable database | |
docker run --privileged \ | |
-e "VAULT_ADDR=http://0.0.0.0:8202" \ | |
-v $(pwd):/home/vault/ \ | |
--network host vault:1.0.1 \ | |
write database/config/my-postgresql-database \ | |
plugin_name=postgresql-database-plugin \ | |
allowed_roles="my-role" \ | |
connection_url="postgresql://{{username}}:{{password}}@a{{host_to_replace}}:5432/db?connect_timeout=1" \ | |
username="root" \ | |
max_connection_lifetime=1m \ | |
max_idle_connections=-1 \ | |
max_open_connections=20 \ | |
password="******" | |
docker run --privileged \ | |
-e "VAULT_ADDR=http://0.0.0.0:8202" \ | |
-v $(pwd):/home/vault/ \ | |
--network host vault:1.0.1 write database/roles/my-role \ | |
db_name=my-postgresql-database \ | |
creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";" \ | |
default_ttl="1h" \ | |
max_ttl="24h" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
docker run --rm --privileged -v $(pwd):/home/vault/ -p 8202:8200 vault:1.0.1 server -dev -log-level=trace |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
watch -d -n 1 docker run --privileged \ | |
-e "VAULT_ADDR=http://0.0.0.0:8202" \ | |
-v $(pwd):/home/vault/ \ | |
--network host \ | |
vault:1.0.1 read database/creds/my-role |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment