repo: Genesis

This is a small package that contains a systemd template service for use with Vault agents. The basic idea is to add any configuration to: /etc/vault-agent.d/$instance/agent.hcl and start the service: systemctl enable --now vault-agent@$instance.service Environment configuration that belongs to all agents on the system (upstream vault address, for example) can be added to: /etc/default/vault-agent
author: Paul Stemmet 2022-11-20 11:59:44 +0000
committer: Bazaah 2022-11-20 12:45:11 +0000
commit: 37cefafb069f23644d3e30e889d27fee447b638a (patch)
tree: f0b463aca9396013eda0f249a3252a67c78f85a2 /vault-agent@.service
download: aur-vault-agent.tar.gz
1 files changed, 30 insertions, 0 deletions
diff --git a/vault-agent@.service b/vault-agent@.service
new file mode 100644
index 000000000000..b913eb47fd92
--- /dev/null
+++ b/vault-agent@.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Vault agent (config:%i)
+Documentation=https://developer.hashicorp.com/vault/docs/agent
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+User=vault
+Group=vault
+ExecStart=/bin/vault agent -config=/etc/vault-agent.d/%i/agent.hcl
+KillSignal=SIGINT
+
+[Service]
+Environment=GOMAXPROCS=2
+EnvironmentFile=-/etc/default/vault-agent
+EnvironmentFile=-/etc/vault-agent.d/%i/agent.env
+WorkingDirectory=/etc/vault-agent.d/%i
+TimeoutStopSec=30s
+Restart=on-failure
+RestartSec=15
+
+[Unit]
+ConditionPathIsDirectory=/etc/vault-agent.d/%i
+ConditionFileNotEmpty=/etc/vault-agent.d/%i/agent.hcl
+StartLimitIntervalSec=300
+StartLimitBurst=20
+
+[Install]
+WantedBy=multi-user.target
+
author	Paul Stemmet	2022-11-20 11:59:44 +0000
committer	Bazaah	2022-11-20 12:45:11 +0000
commit	37cefafb069f23644d3e30e889d27fee447b638a (patch)
tree	f0b463aca9396013eda0f249a3252a67c78f85a2 /vault-agent@.service
download	aur-vault-agent.tar.gz