diff options
author | Michael Clayfield | 2024-05-01 15:06:16 +1000 |
---|---|---|
committer | Michael Clayfield | 2024-05-01 15:06:16 +1000 |
commit | 4d31c36eff789f44012a5cf190943d4e9bcd88bd (patch) | |
tree | afdf925fb3b520e87c64d90b68b035d3b22a1bc7 /vault.hcl | |
parent | 7c2b4fc91eacf283c3b8f32ab646a440b6bbf80a (diff) | |
download | aur-vault-bin.tar.gz |
Updated to 1.16.2
Diffstat (limited to 'vault.hcl')
-rw-r--r-- | vault.hcl | 56 |
1 files changed, 45 insertions, 11 deletions
diff --git a/vault.hcl b/vault.hcl index 9b38a3cc6d64..2767ca9a2cc6 100644 --- a/vault.hcl +++ b/vault.hcl @@ -1,17 +1,51 @@ -/* - * Vault configuration. See: https://vaultproject.io/docs/config/ - */ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: MPL-2.0 -disable_mlock = true +# Full configuration options can be found at https://www.vaultproject.io/docs/configuration -backend "file" { - path = "/var/lib/vault" +ui = true + +#mlock = true +#disable_mlock = true + +storage "file" { + path = "/var/lib/vault" } +#storage "consul" { +# address = "127.0.0.1:8500" +# path = "vault" +#} + +# HTTP listener listener "tcp" { - /* - * By default Vault listens on localhost only. - * Make sure to enable TLS support otherwise. - */ - tls_disable = 1 + address = "127.0.0.1:8200" + tls_disable = 1 } + +# HTTPS listener +#listener "tcp" { +# address = "0.0.0.0:8200" +# tls_cert_file = "/var/lib/vault/tls/tls.crt" +# tls_key_file = "/var/lib/vault/tls/tls.key" +#} + +# Enterprise license_path +# This will be required for enterprise as of v1.8 +#license_path = "/etc/vault.hclic" + +# Example AWS KMS auto unseal +#seal "awskms" { +# region = "us-east-1" +# kms_key_id = "REPLACE-ME" +#} + +# Example HSM auto unseal +#seal "pkcs11" { +# lib = "/usr/vault/lib/libCryptoki2_64.so" +# slot = "0" +# pin = "AAAA-BBBB-CCCC-DDDD" +# key_label = "vault-hsm-key" +# hmac_key_label = "vault-hsm-hmac-key" +#} + |