services/vault
1
0
Fork 0
Code Issues 3 Pull Requests Projects Releases Wiki Activity
Files
5bbe8337c0cdf8120dc19ff04d41425fb661ed1c
vault/helm/ha.yaml
ducoterra 5bbe8337c0 fixup config files and policies
2021-07-13 18:08:43 -04:00

62 lines
1.1 KiB
YAML
Raw Blame History

global:
enabled: true
server:
extraSecretEnvironmentVars:
- envName: VAULT_TOKEN
secretName: auto-unseal-token
secretKey: VAULT_TOKEN
ha:
enabled: true
raft:
enabled: true
config: |
ui = true
listener "tcp" {
tls_disable = 1
address = "[::]:8200"
cluster_address = "[::]:8201"
}
seal "transit" {
address = "http://3.14.3.104:8200"
disable_renewal = "false"
key_name = "autounseal"
mount_path = "transit/"
tls_skip_verify = "true"
}
storage "raft" {
path = "/vault/data"
}
service_registration "kubernetes" {}
dataStorage:
enabled: true
size: 32Gi
storageClass: null
accessMode: ReadWriteOnce
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
hosts:
- host: vault.ducoterra.net
paths:
- /
tls:
- hosts:
- vault.ducoterra.net
secretName: vault-tls-cert
ui:
enabled: true
serviceType: ClusterIP
Reference in New Issue View Git Blame Copy Permalink