Vault by HasiCorp
Ensure vault can lock memory mlock
$ sudo setcap CAP_IPC_LOCK= <bin>/9s/vault
Config
storage "file" { path = "/home/xxx/vault-data" address = "127.0.0.1:8500" path = "vault" } #storage "etcd" { # address = "http://localhost:2379" # etcd_api = "v3" # } listener "tcp" { address = "127.0.0.1:8200" #tls_disable = 1 ##Cert + intermediate in concat tls_cert_file = "/home/xxx/ssl/concat_dev.pem" tls_key_file = "/home/xx/ssl/dev.key" } #telemetry { # statsite_address = "127.0.0.1:8125" # disable_hostname = true # }
Got error with client no initialized
$ vault status Error checking seal status: Error making API request. URL: GET https://localdomain.com:8200/v1/sys/seal-status Code: 400. Errors: * server is not yet initialized
...