vault/helm/ha.yaml
ducoterra 625474bed4 Add AWS auth and secret docs
Add docs to README explaining how to enable and use aws auth and aws
client secrets.
2022-01-10 16:54:01 -05:00


# Global toggle for the Vault Helm chart.
global:
  enabled: true
# Vault server settings (values for the Vault Helm chart).
# NOTE(review): this listing lost its indentation; the nesting below follows
# the chart's values layout. Confirm against the original file.
server:
  # Literal string that the chart renders as the pod tolerations: lets the
  # Vault pods schedule onto nodes tainted type=pi:NoSchedule.
  tolerations: |
    - key: "type"
      operator: "Equal"
      value: "pi"
      effect: "NoSchedule"

  # Token for the transit auto-unseal seal configured below, injected as an
  # environment variable from a Kubernetes Secret.
  # NOTE(review): anyone who can read Secret `auto-unseal-token` or the pod
  # environment holds this token. Keep its policy on the unsealing Vault
  # limited to transit/encrypt/autounseal and transit/decrypt/autounseal, and
  # restrict RBAC on the Secret.
  extraSecretEnvironmentVars:
    - envName: VAULT_TOKEN
      secretName: auto-unseal-token
      secretKey: VAULT_TOKEN

  ha:
    enabled: true
    raft:
      enabled: true
      # Vault server configuration (HCL), passed through as a literal string.
      # NOTE(review): `tls_disable = 1` makes the listener on 8200 serve
      # plain HTTP. TLS ends at the ingress, so traffic between the ingress
      # controller and the Vault pods, and any in-cluster client traffic, is
      # unencrypted. Prefer a listener certificate for end-to-end TLS.
      # NOTE(review): the transit seal address is `http://`, so the unseal
      # token (VAULT_TOKEN) and the seal's encrypt/decrypt requests cross
      # the network in cleartext. `tls_skip_verify = "true"` has no effect
      # over HTTP, but would turn off certificate verification if the
      # address is later switched to https; use https with `tls_ca_cert`
      # and `tls_skip_verify = "false"`.
      config: |
        ui = true
        listener "tcp" {
          tls_disable = 1
          address = "[::]:8200"
          cluster_address = "[::]:8201"
        }
        seal "transit" {
          address = "http://pi-vault.dnet:8200"
          disable_renewal = "false"
          key_name = "autounseal"
          mount_path = "transit/"
          tls_skip_verify = "true"
        }
        storage "raft" {
          path = "/vault/data"
        }
        service_registration "kubernetes" {}
    # No PodDisruptionBudget: voluntary disruptions such as node drains are
    # not limited and can take several raft peers down at the same time.
    disruptionBudget:
      enabled: false

  # Persistent volume claim for Vault data (32Gi, ReadWriteOnce).
  dataStorage:
    enabled: true
    size: 32Gi
    accessMode: ReadWriteOnce

  # Publishes Vault at vault.ducoterra.net through the nginx ingress, with a
  # certificate issued by cert-manager (cluster issuer letsencrypt-prod).
  # NOTE(review): whether this host is reachable from untrusted networks
  # cannot be told from here; if it is, limit client source ranges at the
  # ingress.
  ingress:
    enabled: true
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
      kubernetes.io/ingress.class: nginx
    hosts:
      - host: vault.ducoterra.net
        paths:
          - /
    tls:
      - hosts:
          - vault.ducoterra.net
        secretName: vault-tls-cert
# Vault web UI Service. ClusterIP gives it no external address of its own.
ui:
  enabled: true
  serviceType: ClusterIP