feat(vault): add port 8200 listener, consul SANs, consul service_registration
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful

- Add SAN altnames vault.service.consul and vault.query.consul to cert
- Add vault-direct HTTPS listener on port 8200 (TLS terminate, same cert)
- Add vault-consul HTTPRoute binding consul DNS names to port 8200 listener
- Add vault-direct port 8200 entrypoint to traefik-internal
- Switch service_registration from kubernetes to consul
  (consul-server.consul.svc.cluster.local:8500)
This commit is contained in:
2026-05-23 22:08:41 +10:00
parent ba40525017
commit 0d146dc942
4 changed files with 41 additions and 1 deletions
@@ -94,5 +94,7 @@ ports:
port: 80
websecure:
port: 443
vault-direct:
port: 8200
enabled: true
+3 -1
View File
@@ -40,7 +40,9 @@ server:
}
}
service_registration "kubernetes" {}
service_registration "consul" {
address = "consul-server.consul.svc.cluster.local:8500"
}
dataStorage:
enabled: true