@umohi
Forked from TonyNguyen87/Vault.txt
Last active March 16, 2020 10:05
Gist for setting up Vault server with Consul backend.
// Set up Ubuntu on Ec2 instance
// Install unzip.
sudo apt-get install unzip
// Download Vault and Consul (if necessary)
wget https://releases.hashicorp.com/vault/0.6.2/vault_0.6.2_linux_amd64.zip
wget https://releases.hashicorp.com/consul/0.7.0/consul_0.7.0_linux_amd64.zip
// Unzip Files.
unzip vault_0.6.2_linux_amd64.zip
unzip consul_0.7.0_linux_amd64.zip
// Set Path in .profile
sudo vim .profile
export PATH="$HOME/:$PATH"
source .profile
// Test to make sure Vault and Consul are working
vault
consul
// Create HCL Vault configuration file
sudo vim config.hcl
backend "consul" {
address = "127.0.0.1:8500"
path = "vault"
}
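// Note: with tls_disable = 1 on 0.0.0.0, the Vault API (unseal keys and tokens included)
// is served over plaintext HTTP on every network interface of the instance.
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = 1
}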
// Set environment variable for Vault address
export VAULT_ADDR=http://127.0.0.1:8200
// Start Consul Backend Server
consul agent -server -bootstrap-expect 1 -data-dir /tmp/consul
// Start Vault Server
vault server -config=config.hcl
// Check Vault status
vault status
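// The response should say the server is not yet initialized, so initialize it.
// Note: the "vault operator", "vault login" and "vault secrets" subcommands used below come from a
// newer Vault CLI than the 0.6.2 binary downloaded above, which uses "vault init", "vault unseal",
// "vault auth" and "vault mounts" instead.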
vault operator init
** Save the keys and token somewhere safe. This will be the only time you will see them all together.**
// Unseal the Vault server by running the unseal command 3 times, each time with a different one of the 5 keys.
vault operator unseal
[Paste key]
vault operator unseal
[Paste key]
etc..
vault login
[Paste initial root token]
// Test server connection
vault secrets list -detailed
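// Added example (not part of the original gist): a pre-start check that flags a config like the
// config.hcl above, where a tcp listener disables TLS on a non-loopback address.
// The function name check_vault_listener and the sample files are constructed for illustration.

```shell
# Added example, not part of the original gist. check_vault_listener and the
# sample files are constructed; assumes one setting per line, as in config.hcl.
check_vault_listener() {
  # Print a finding for each tcp listener that disables TLS on a non-loopback
  # address; exit status is 1 if any finding was printed, otherwise 0.
  awk '
    /^[ \t]*listener[ \t]+"tcp"/ { in_l = 1; addr = ""; notls = 0; next }
    in_l && /^[ \t]*address[ \t]*=/ { split($0, p, "\""); addr = p[2] }
    in_l && /^[ \t]*tls_disable[ \t]*=/ {
      v = $0; sub(/^[^=]*=/, "", v); gsub(/[" \t]/, "", v)
      if (v == "1" || v == "true") notls = 1
    }
    in_l && /^[ \t]*[}]/ {
      in_l = 0
      if (addr == "") addr = "127.0.0.1:8200"   # Vault default when unset
      host = addr; sub(/:[0-9]+$/, "", host)
      if (notls && host !~ /^127\./ && host != "localhost" && host != "[::1]") {
        printf "RISK: listener %s has tls_disable set on a non-loopback address\n", addr
        bad = 1
      }
    }
    END { exit bad + 0 }
  ' "$1"
}

# Constructed samples: the listener stanza from this gist, and a loopback-only variant.
tmp=$(mktemp -d)
printf 'listener "tcp" {\naddress = "0.0.0.0:8200"\ntls_disable = 1\n}\n' > "$tmp/gist.hcl"
printf 'listener "tcp" {\naddress = "127.0.0.1:8200"\ntls_disable = 1\n}\n' > "$tmp/local.hcl"

check_vault_listener "$tmp/gist.hcl"  || echo "gist.hcl: do not start Vault with this listener"
check_vault_listener "$tmp/local.hcl" && echo "local.hcl: ok"
```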