33 lines
983 B
Bash
Executable File
33 lines
983 B
Bash
Executable File
#!/bin/bash
|
|
|
|
vault_file="vault-secrets.txt"
|
|
vault_token_file="vault-token.txt"
|
|
|
|
vault_vip=$(juju config vault vip)
|
|
|
|
export VAULT_ADDR="http://${vault_vip}:8200"
|
|
|
|
vault operator init -key-shares=5 -key-threshold=3 > ${vault_file}
|
|
|
|
IPS=$(juju status vault --format json | jq -r '.applications.vault.units | to_entries[].value."public-address"')
|
|
|
|
for ip in $IPS;do
|
|
echo export VAULT_ADDR=http://${ip}:8200;
|
|
export VAULT_ADDR=http://${ip}:8200;
|
|
for vault_key in $(head -n3 ${vault_file} | awk '{print $4}');do
|
|
echo vault operator unseal -tls-skip-verify $vault_key
|
|
vault operator unseal -tls-skip-verify $vault_key
|
|
done;
|
|
done;
|
|
|
|
initial_token=$(grep Initial ${vault_file} | awk '{print $4}')
|
|
|
|
export VAULT_ADDR="http://${vault_vip}:8200"
|
|
export VAULT_TOKEN=${initial_token}
|
|
|
|
vault token create -ttl=10m > ${vault_token_file}
|
|
|
|
token=$(cat ${vault_token_file} | grep token | head -n 1 | awk '{print $2}')
|
|
|
|
juju run-action --wait vault/leader authorize-charm token=${token}
|