ca87702466
feat: ensure vault restarts with ssl cert
...
- ensure the vault service resource subscribes to the ssl crt/key
- update unseal script to retry unseal process until it completes
2024-10-27 12:59:36 +11:00
dafac3d5ab
fix: require vault-unseal.service
...
- wrong service name specified
2024-08-07 22:05:50 +10:00
7863d54275
feat: auto-unseal vault every hour
...
- add cron job to run vault unsealing service hourly
2024-08-06 22:51:16 +10:00
7c0bf4a398
feat: vault use vault
...
- change vault to use vault ephemeral certificates
- remove nginx frontend to vault
2024-05-26 01:06:48 +10:00
6fc5829fce
feat: simple nginx proxy
...
- merge consul/vault nginx proxy into single class
- replace nginx proxy classes for consul/vault with simpleproxy class
2024-04-28 00:32:04 +10:00
3001bc32f2
feat: add sydney vault cluster
...
- separate yaml between multiple regions
- add nginx frontend to vault
2024-04-27 22:35:16 +10:00
974c8ce71d
Merge pull request 'fix: restart vault-unseal' ( #122 ) from neoloc/vault_unseal_on_change into develop
...
Reviewed-on: unkinben/puppet-prod#122
2024-02-25 20:03:26 +09:30
d1f5d3c09e
fix: restart vault-unseal
...
- restart vault-unseal when the unseal keys change
2024-02-25 21:32:01 +11:00
48e0bd6796
fix: vault role fails on new servers
...
- vault server fails on new servers
- move unseal class to be included after vault class
2024-02-25 21:06:37 +11:00
fe05c86463
feat: add vault server profile
...
- add vault module to puppetfile
- define class to manage the install and config of vault
- manage the datavol and raft storage
- manage the unzip and other compression tools
- define custom unseal script and service
- add documentation on initial setup of vault
2024-02-17 21:12:12 +11:00
