39 lines
945 B
HCL
39 lines
945 B
HCL
exit_after_auth = false
|
|
pid_file = "/vault/secrets/vault-agent.pid"
|
|
|
|
auto_auth {
|
|
method "approle" {
|
|
mount_path = "auth/approle"
|
|
config = {
|
|
role_id_file_path = "/vault/secrets/role_id"
|
|
secret_id_file_path = "/vault/secrets/secret_id"
|
|
}
|
|
}
|
|
sink "file" { config = { path = "/vault/secrets/.vault-token" } }
|
|
}
|
|
|
|
# Render secrets to lowercase files
|
|
template {
|
|
source = "/etc/vault/templates/agent_secret.ctmpl"
|
|
destination = "/vault/secrets/agent_secret"
|
|
perms = "0440"
|
|
}
|
|
|
|
template {
|
|
source = "/etc/vault/templates/gitea_client_id.ctmpl"
|
|
destination = "/vault/secrets/gitea_client_id"
|
|
perms = "0440"
|
|
}
|
|
|
|
template {
|
|
source = "/etc/vault/templates/gitea_client_secret.ctmpl"
|
|
destination = "/vault/secrets/gitea_client_secret"
|
|
perms = "0440"
|
|
}
|
|
|
|
template {
|
|
source = "/etc/vault/templates/pg_dsn.ctmpl"
|
|
destination = "/vault/secrets/pg_dsn"
|
|
perms = "0644"
|
|
}
|