luzifer-docker/vault-self-unseal
1
0
Fork 0
mirror of https://github.com/luzifer-docker/vault-self-unseal.git synced 2024-10-18 03:34:21 +00:00
Code Issues Releases Wiki Activity

Allow configuring through a mounted file

Browse source 
for example through a Kubernetes secret

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-05-30 10:33:26 +02:00
parent fbfdac0432
commit ec545715d4
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
2 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Dockerfile
View file

@ -12,4 +12,5 @@ COPY entrypoint.sh /usr/local/bin/
USER vault
VOLUME ["/config"]
ENTRYPOINT ["/bin/bash", "/usr/local/bin/entrypoint.sh"]

2
entrypoint.sh
View file

@ -1,6 +1,8 @@
#!/bin/bash
set -euo pipefail
[ -f "/config/vault-self-unseal.env" ] && source "/config/vault-self-unseal.env"
LOCAL_VAULT_ADDR=${LOCAL_VAULT_ADDR:-http://vault:8200}
UNSEAL_TOKEN_FIELD=${UNSEAL_TOKEN_FIELD:-token}
UNSEAL_TOKEN_PATH=${UNSEAL_TOKEN_PATH:-secret/mgmt/unseal}