#format wiki
#language en
= AppArmor =

 * profiles per application, based on file paths

== Init vault ==
 * e.g. {{{ 
   vault operator init \
    -key-shares=3 \
    -key-threshold=2 \
    -pgp-keys="keybase:hashicorp,keybase:jefferai,keybase:sethvargo" \
    -root-token-pgp-key="keybase:hashicorp"
    }}}
 * or GPG https://www.vaultproject.io/docs/concepts/pgp-gpg-keybase.html

 * With client connection to server {{{
$ vault operator init     -key-shares=9     -key-threshold=3
Unseal Key 1: rjV7Qdc+H9lQLdyzXXGF8hpRYFGbIBiQ/Zr6eoopNuTB
Unseal Key 2: CKVNeq8WmwOLAeu7lBmCkfCYvWqQHbyeRCsmBHL1QBAL
Unseal Key 3: SiJyjbbbyRP/JY6I6PCmBG0YdO6o1EPhyZ+fMImpaNKH
Unseal Key 4: sfu2MKkNkoeI2EA4vO7sOtUbRzYZZrGBxOrEoOHtTo+O
Unseal Key 5: 7XFvEXwZjCukP4fKINKt7HFLy0GJ4GMvoSN0AK0dEUHS
Unseal Key 6: oqheZQnzmMWLfs8gxAEY5aKbEacT+rSMmV8oegq6Kc9U
Unseal Key 7: 4QUI8Iwhu8tvi5TW5VY4PKwZFVG0eUCGanecIVVIohwV
Unseal Key 8: XkZgPVCMS7Y95LvdfbtAesZkbxvWHFc47Wj0g2mAmjjq
Unseal Key 9: UxhuvjyrDUhmgZYE5YHR5og0fHl0z3/kWKARzTV7inTg

Initial Root Token: 417c52cf-863e-0014-330e-fdc834c24d15
   }}}

 * vault logint 
    export VAULT_TOKEN=417c52cf-863e-0014-330e-fdc834c24d15

 * Check for alive {{{
curl -k https://127.0.0.1:8200/v1/sys/init
{"initialized":true}
   }}}


== Policies ==
 * https://www.vaultproject.io/intro/getting-started/policies.html


...