|
⇤ ← Revision 1 as of 2018-04-13 23:19:50
Size: 106
Comment:
|
Size: 735
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 5: | Line 5: |
| * sudo setcap cap_ipc_lock=+ep <bin>/9s/vault | * Ensure vault can lock memory mlock {{{ $ sudo setcap CAP_IPC_LOCK= <bin>/9s/vault }}} * Config {{{ storage "file" { path = "/home/xxx/vault-data" address = "127.0.0.1:8500" path = "vault" } #storage "etcd" { # address = "http://localhost:2379" # etcd_api = "v3" # } listener "tcp" { address = "127.0.0.1:8200" #tls_disable = 1 ##Cert + intermediate in concat tls_cert_file = "/home/xxx/ssl/concat_dev.pem" tls_key_file = "/home/xx/ssl/dev.key" } #telemetry { # statsite_address = "127.0.0.1:8125" # disable_hostname = true # } }}} |
Vault by HasiCorp
Ensure vault can lock memory mlock
$ sudo setcap CAP_IPC_LOCK= <bin>/9s/vault
Config
storage "file" { path = "/home/xxx/vault-data" address = "127.0.0.1:8500" path = "vault" } #storage "etcd" { # address = "http://localhost:2379" # etcd_api = "v3" # } listener "tcp" { address = "127.0.0.1:8200" #tls_disable = 1 ##Cert + intermediate in concat tls_cert_file = "/home/xxx/ssl/concat_dev.pem" tls_key_file = "/home/xx/ssl/dev.key" } #telemetry { # statsite_address = "127.0.0.1:8125" # disable_hostname = true # }
...