Last active
May 3, 2024 15:10
-
-
Save mastier/1be2fbdc1cfe51c0d8b4f341a19e1e56 to your computer and use it in GitHub Desktop.
Revisions
-
mastier revised this gist
Jun 16, 2021 . 1 changed file with 26 additions and 16 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,34 +3,44 @@ if ! type vault >/dev/null 2>&1; then "Please install vault. $ snap install vaul export VAULT_KEYS_PATH="vault-keys.txt" vault_init() { VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" echo "=== Initializing Vault by $VAULT_UNIT_IP ===" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} } vault_unseal() { for key in `cat ${VAULT_KEYS_PATH} |cut -f4 -d' '|head -3`; do vault operator unseal $key; done } vault_unseal_all() { for i in 0 1 2; do VAULT_UNIT_IP=$(juju run --unit vault/$i "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" echo "== Unsealing vault/$i : $VAULT_UNIT_IP ==" vault_unseal done } vault_authorize_charm() { VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" export VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` echo "=== Create token by $VAULT_UNIT_IP ===" export CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` echo "=== Authorizing charm ===" juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN" } ### Init vault vault_init ### Unseal all vault instances vault_unseal_all echo "=== Waiting 30s ===" sleep 30 ### Authorize charm vault_authorize_charm -
Jun 16, 2021 . 1 changed file with 8 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,7 @@ if ! type vault >/dev/null 2>&1; then "Please install vault. $ snap install vaul export VAULT_KEYS_PATH="vault-keys.txt" vault_init() { VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} } @@ -13,19 +13,23 @@ vault_unseal() { } ### Init vault echo "=== Initializing Vault ===" vault_init ### Unseal all vault instances for i in 0 1 2; do echo "== Unsealing vault/$i ==" VAULT_UNIT_IP=$(juju run --unit vault/$i "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" vault_unseal done echo "=== Waiting 10s ===" sleep 5 ### Authorize charm echo "=== Authorizing charm ===" VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" export VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` export CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` -
Jun 16, 2021 . 1 changed file with 28 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,32 @@ if ! type vault >/dev/null 2>&1; then "Please install vault. $ snap install vault"; exit 1; fi export VAULT_KEYS_PATH="vault-keys.txt" vault_init() { VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} } vault_unseal() { for key in `cat ${VAULT_KEYS_PATH} |cut -f4 -d' '|head -3`; do vault operator unseal $key; done } ### Init vault vault_init ### Unseal all vault instances for i in 1 2 3; do VAULT_UNIT_IP=$(juju run --unit vault/$i "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" vault_unseal done sleep 5 ### Authorize charm VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" export VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` export CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN" -
Jun 10, 2021 . No changes.There are no files selected for viewing
-
Jun 10, 2021 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ VAULT_UNIT_IP=$(juju run --unit vault/1 "network-get access --ingress-address=true"); export VAULT_ADDR="http://$VAULT_UNIT_IP:8200" export VAULT_KEYS_PATH="vault-keys.txt" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} for key in `cat ${VAULT_KEYS_PATH} |cut -f4 -d' '|head -3`; do vault operator unseal $key; done export VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` export CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN" -
Jun 9, 2021 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ export VAULT_ADDR="http://<IP of vault unit>:8200" export VAULT_KEYS_PATH="vault-keys.txt" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} for key in `cat ${VAULT_KEYS_PATH} |cut -f4 -d' '|head -3`; do vault operator unseal $key; done export VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` export CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN" -
May 14, 2021 . 1 changed file with 4 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,7 @@ VAULT_ADDR="http://<IP of vault unit>:8200" VAULT_KEYS_PATH="vault-keys.txt" vault operator init -key-shares=5 -key-threshold=3 > ${VAULT_KEYS_PATH} for key in `cat ${VAULT_KEYS_PATH} |cut -f4 -d' '|head -3`; do vault operator unseal $key; done VAULT_TOKEN=`cat ${VAULT_KEYS_PATH} |grep 'Initial Root Token'|cut -f4 -d' '` CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN" -
Apr 26, 2021 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,6 @@ VAULT_ADDR="http://<IP of vault unit>:8200" vault operator init -key-shares=5 -key-threshold=3 > vault.txt for key in `cat vault.txt |cut -f4 -d' '|head -3`; do vault operator unseal $key; done VAULT_TOKEN=`cat vault.txt |grep 'Initial Root Token'|cut -f4 -d' '` CHARM_AUTH_TOKEN=`vault token create -ttl=10m|head -3|grep token|awk '{print $2}'` juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN"