Skip to content

Commit

Permalink
bump vault to 007
Browse files Browse the repository at this point in the history
  • Loading branch information
Ino Murko committed Dec 9, 2020
1 parent 5200d9e commit 0208061
Show file tree
Hide file tree
Showing 6 changed files with 28 additions and 28 deletions.
8 changes: 4 additions & 4 deletions contracts/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,21 +76,21 @@ services:
retries: 5

vault_server:
image: gcr.io/omisego-development/omgnetwork/vault:0.0.6
image: gcr.io/omisego-development/omgnetwork/vault:0.0.7
entrypoint: >
/bin/sh -c "
sleep 2
/home/vault/config/entrypoint.sh
/vault/config/entrypoint.sh
"
ports:
- "8200:8200"
links:
- "geth"
volumes:
- "./immutability/ca:/home/vault/ca:rw"
- "./immutability/ca:/vault/ca:rw"
- "./immutability/ca/certs/:/etc/ssl/certs/"
- "./immutability/config:/home/vault/config:rw"
- "./immutability/config:/vault/config:rw"
healthcheck:
test: vault status --tls-skip-verify
interval: 5s
Expand Down
10 changes: 5 additions & 5 deletions contracts/immutability/config/entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

# Vault running in the container must listen on a different port.

VAULT_CREDENTIALS="/home/vault/config/unseal.json"
VAULT_CREDENTIALS="/vault/config/unseal.json"

CONFIG_DIR="/home/vault/config"
CONFIG_DIR="/vault/config"

CA_CERT="$CONFIG_DIR/ca.crt"
CA_KEY="$CONFIG_DIR/ca.key"
Expand Down Expand Up @@ -108,7 +108,7 @@ function gencerts {

gencerts

nohup vault server -log-level=debug -config /home/vault/config/vault.hcl &
nohup vault server -log-level=debug -config /vault/config/vault.hcl &
VAULT_PID=$!

function unseal() {
Expand All @@ -126,8 +126,8 @@ function configure_plugin {

# just testing for now
plugin_file="${plugin_file}"
ls -latr /home/vault/plugins
sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'`
ls -latr /vault/plugins
sha256sum=`cat /vault/plugins/SHA256SUMS | awk '{print $1}'`
vault write sys/plugins/catalog/secret/${plugin_file} \
sha_256="$sha256sum" \
command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY"
Expand Down
10 changes: 5 additions & 5 deletions contracts/immutability/config/vault.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,17 @@ disable_mlock = "true"
max_lease_ttl = "720h"

backend "file" {
path = "/home/vault/config/data"
path = "/vault/config/data"
}

ui = "false"

api_addr = "https://localhost:8200"
plugin_directory = "/home/vault/plugins"
plugin_directory = "/vault/plugins"
listener "tcp" {
address = "0.0.0.0:8200"
tls_cert_file = "/home/vault/config/my-service.crt"
tls_client_ca_file = "/home/vault/config/ca.crt"
tls_key_file = "/home/vault/config/my-service.key"
tls_cert_file = "/vault/config/my-service.crt"
tls_client_ca_file = "/vault/config/ca.crt"
tls_key_file = "/vault/config/my-service.key"
tls_require_and_verify_client_cert = "false"
}
8 changes: 4 additions & 4 deletions contracts_reorg/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,18 +69,18 @@ services:
ipv4_address: 172.25.0.105

vault_server:
image: gcr.io/omisego-development/omgnetwork/vault:0.0.6
image: gcr.io/omisego-development/omgnetwork/vault:0.0.7
entrypoint: >
/bin/sh -c "
sleep 2
/home/vault/config/entrypoint.sh
/vault/config/entrypoint.sh
"
ports:
- "8200:8200"
volumes:
- "./immutability/ca:/home/vault/ca:rw"
- "./immutability/ca:/vault/ca:rw"
- "./immutability/ca/certs/:/etc/ssl/certs/"
- "./immutability/config:/home/vault/config:rw"
- "./immutability/config:/vault/config:rw"
healthcheck:
test: vault status --tls-skip-verify
interval: 5s
Expand Down
10 changes: 5 additions & 5 deletions contracts_reorg/immutability/config/entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

# Vault running in the container must listen on a different port.

VAULT_CREDENTIALS="/home/vault/config/unseal.json"
VAULT_CREDENTIALS="/vault/config/unseal.json"

CONFIG_DIR="/home/vault/config"
CONFIG_DIR="/vault/config"

CA_CERT="$CONFIG_DIR/ca.crt"
CA_KEY="$CONFIG_DIR/ca.key"
Expand Down Expand Up @@ -108,7 +108,7 @@ function gencerts {

gencerts

nohup vault server -log-level=debug -config /home/vault/config/vault.hcl &
nohup vault server -log-level=debug -config /vault/config/vault.hcl &
VAULT_PID=$!

function unseal() {
Expand All @@ -126,8 +126,8 @@ function configure_plugin {

# just testing for now
plugin_file="${plugin_file}"
ls -latr /home/vault/plugins
sha256sum=`cat /home/vault/plugins/SHA256SUMS | awk '{print $1}'`
ls -latr /vault/plugins
sha256sum=`cat /vault/plugins/SHA256SUMS | awk '{print $1}'`
vault write sys/plugins/catalog/secret/${plugin_file} \
sha_256="$sha256sum" \
command="$plugin_file --ca-cert=$CA_CERT --client-cert=$TLS_CERT --client-key=$TLS_KEY"
Expand Down
10 changes: 5 additions & 5 deletions contracts_reorg/immutability/config/vault.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,17 @@ disable_mlock = "true"
max_lease_ttl = "720h"

backend "file" {
path = "/home/vault/config/data"
path = "/vault/config/data"
}

ui = "false"

api_addr = "https://localhost:8200"
plugin_directory = "/home/vault/plugins"
plugin_directory = "/vault/plugins"
listener "tcp" {
address = "0.0.0.0:8200"
tls_cert_file = "/home/vault/config/my-service.crt"
tls_client_ca_file = "/home/vault/config/ca.crt"
tls_key_file = "/home/vault/config/my-service.key"
tls_cert_file = "/vault/config/my-service.crt"
tls_client_ca_file = "/vault/config/ca.crt"
tls_key_file = "/vault/config/my-service.key"
tls_require_and_verify_client_cert = "false"
}

0 comments on commit 0208061

Please sign in to comment.