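├── .gitignore
├── README.md
├── Dockerfile
├── run.sh
└── docker-compose.yml


/.gitignore:
--------------------------------------------------------------------------------
.idea/
target/

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# docker-vault

Vault example using docker and docker-compose that waits on vault to initialize before creating vault secrets.

--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
# Client image: Ubuntu plus the Vault CLI. Its only job is to run run.sh
# against the vault-server container defined in docker-compose.yml.
FROM ubuntu:20.04

# Install the Vault CLI from the HashiCorp apt repository.
# - The signing key is stored in its own keyring and the repository entry is
#   bound to it with signed-by, so the key is trusted for this repository only
#   (apt-key add would trust it for every configured repository).
# - The key is downloaded to a file first so that a failed download stops the
#   build; in a `curl | ...` pipe /bin/sh reports only the last command's status.
# - The key is fetched at build time over HTTPS and not checked any further;
#   compare its fingerprint with the one HashiCorp publishes before relying on it.
# - libcap2-bin provides setcap. The empty capability set strips cap_ipc_lock
#   from the binary, presumably so the CLI can start in a container that is not
#   granted IPC_LOCK (the vault-client service adds no capabilities).
# - The vault package is not version-pinned, so a rebuild may pick up a newer CLI.
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        gnupg2 \
        libcap2-bin \
        lsb-release && \
    curl -fsSL https://apt.releases.hashicorp.com/gpg -o /tmp/hashicorp.asc && \
    gpg --batch --output /usr/share/keyrings/hashicorp-archive-keyring.gpg --dearmor /tmp/hashicorp.asc && \
    rm -f /tmp/hashicorp.asc && \
    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" \
        > /etc/apt/sources.list.d/hashicorp.list && \
    apt-get update && \
    apt-get install -y --no-install-recommends vault && \
    setcap cap_ipc_lock= /usr/bin/vault && \
    rm -rf /var/lib/apt/lists/*

# The bootstrap script needs no root privileges at runtime. The home directory
# gives `vault login` a writable place for its token file.
RUN useradd --create-home --uid 10001 vaultclient
WORKDIR /home/vaultclient
COPY run.sh ./
USER vaultclient

# Exec form: run.sh runs as PID 1 and receives signals directly.
CMD ["./run.sh"]

--------------------------------------------------------------------------------
/run.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Bootstrap script for the vault-client container: wait for the Vault server
# named by VAULT_ADDR, log in, enable a KV v2 mount and write demo credentials.
#
# NOTE: the token used below is the fixed root token that docker-compose.yml
# gives the server. It is readable by anyone who has the repository or the
# image, and it is visible in the process list while `vault login` runs. Use
# this script only against the throwaway demo server.

VAULT_RETRIES=5
echo "Vault is starting..."
until vault status > /dev/null 2>&1 || [ "$VAULT_RETRIES" -eq 0 ]; do
    echo "Waiting for vault to start...: $((VAULT_RETRIES--))"
    sleep 1
done

# The loop also ends when the retries run out, so confirm that Vault really
# answers before going on. Without this check every later command would fail
# and the script would still print "Complete...".
if ! vault status > /dev/null 2>&1; then
    echo "Vault did not become ready, giving up." >&2
    exit 1
fi

echo "Authenticating to vault..."
vault login token=vault-plaintext-root-token || exit 1

echo "Initializing vault..."
# Best effort: enabling fails when the mount already exists (for example when
# the client is re-run against a server that is still up). The write below
# decides whether the script succeeded.
if ! vault secrets enable -version=2 -path=my.secrets kv; then
    echo "Could not enable my.secrets (already enabled?), continuing." >&2
fi

echo "Adding entries..."
# One write carrying both keys: on a KV v2 mount each `kv put` replaces the
# whole secret, so two separate puts would leave only the password in the
# latest version.
vault kv put my.secrets/dev username=test_user password=test_password || exit 1

echo "Complete..."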
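--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
# Local demo only. The server's root token is a fixed value that is committed
# to the repository, and all traffic to Vault is plain HTTP. Do not reuse this
# file for anything that holds real secrets.
services:

  vault-server:
    # NOTE(review): `latest` is a moving tag, so the server version changes
    # between pulls. Pin a release tag (and ideally a digest) for repeatable runs.
    image: hashicorp/vault:latest
    ports:
      # Published on the host's loopback interface only. A server whose root
      # token is public should not be reachable from other machines; the
      # vault-client service reaches it over vault-network and is not affected.
      - "127.0.0.1:8200:8200"
    environment:
      # Address the Vault CLI inside this container talks to (HTTP, no TLS).
      VAULT_ADDR: "http://0.0.0.0:8200"
      # Root token for the dev server; run.sh logs in with the same literal.
      VAULT_DEV_ROOT_TOKEN_ID: "vault-plaintext-root-token"
    cap_add:
      # Allows Vault to lock memory so its contents are not swapped to disk.
      - IPC_LOCK
    networks:
      vault-network:
        ipv4_address: 172.21.0.10
        aliases:
          - vault-server

  vault-client:
    # Built from the Dockerfile in this directory; its default command is run.sh.
    build: .
    environment:
      # Reaches the server through its network alias; plain HTTP on the
      # compose network.
      VAULT_ADDR: "http://vault-server:8200"
    networks:
      vault-network:
        ipv4_address: 172.21.0.20
        aliases:
          - vault-client

networks:
  vault-network:
    ipam:
      config:
        # Fixed subnet so the two services can keep the static addresses above.
        - subnet: 172.21.0.0/24

--------------------------------------------------------------------------------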