Initialize and unlock a local vault instance

vaut-server.sh

#!/usr/bin/env bash

# Starts or stops a new vault instance
# Example: vault-server.sh start vaults/production ${VAULT_KEY} ${VAULT_TOKEN}
# Parameters:
# $1 - (start/stop)
# $2 - Directory where the vault is located
# $3 - Vault Key
# $4 - Vault Token

################################################################################
# Script name should be vault-server.ch
# Example usage in script:
# export VAULT_ADDR=http://127.0.0.1:8200  VAULT_TOKEN=${CFB_TOKEN}
# ./scripts/vault-server.sh start _bob/vault ${CFB_TOKEN} ${CFB_KEYS}
# config-bob build _bob/templates deploy
# ./scripts/vault-server.sh stop 
################################################################################


start(){
    DIRECTORY="$1"    # Directory where the vault is located

    cd "${DIRECTORY}"

    echo "starting vault in directory ${DIRECTORY} "

    # Kill previous instance of vault (if exists) and startup a new instance, and wait for startup
    ps -ef | grep vault | grep -v grep | grep -v "vault-server.sh" | awk '{print $2}' | xargs kill
    vault server -config config.hcl &
    sleep 0.5

    # Export variables and unlock the vault
    echo "unsealing vault from directory ${DIRECTORY}"
    export VAULT_ADDR=http://127.0.0.1:8200  VAULT_TOKEN=$2

    # Export variables and unlock the vault
    echo "unsealing vault from directory ${DIRECTORY}"
    vault unseal $3
    return
}


stop(){
    ps -ef | grep vault | grep -v grep | grep -v "vault-server.sh" | awk '{print $2}' | xargs kill
}

case "$1" in
        start)
                start "$2" "$3" "$4"
                ;;
        stop)
                stop
                ;;
        *)
            echo $"Usage: $0 {start|stop}"
esac