Arif Ali
d7dc81cd18
* Added local repos for everything * Add focal related stuff to start migrating * Add/fix CIS related stuff * Update/fix juju model defaults * Add model defaults just before the juju deploy * Add new script to initialise vault * Update vault keys to current mode
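#!/bin/bash
#
# Initialise a Juju-deployed Vault, unseal every unit and authorise the charm.
#
# Steps:
#   1. Run `vault operator init` against the Vault VIP and store the output
#      (unseal keys and initial root token) in ../../secrets/vault.txt.
#   2. Unseal each vault unit with the first three unseal keys.
#   3. Create a 10 minute token with the root token and pass it to the
#      charm's authorize-charm action.
#
# Paths are relative to the current working directory, as before.
# Requires: juju, vault, jq, awk.

set -euo pipefail

# vault.txt holds the unseal keys and the root token; keep everything this
# script creates readable by the owner only.
umask 077

secrets_dir=../../secrets
init_file="${secrets_dir}/vault.txt"
token_file="${secrets_dir}/vault-token.txt"

tmp_files=()
cleanup() {
  if ((${#tmp_files[@]})); then
    rm -f -- "${tmp_files[@]}"
  fi
  return 0
}
trap cleanup EXIT

vault_vip=$(juju config vault vip)
if [[ -z "${vault_vip}" ]]; then
  echo "error: 'juju config vault vip' returned nothing" >&2
  exit 1
fi

# NOTE(review): the address is plain http, so the unseal keys and tokens below
# cross the network unencrypted and -tls-skip-verify has no effect. Move to
# https with certificate verification once the deployment has certificates.
export VAULT_ADDR="http://${vault_vip}:8200"
printf 'export VAULT_ADDR=%s\n' "${VAULT_ADDR}"

# Write to a temp file first: redirecting straight into vault.txt would
# truncate the only copy of the keys whenever init fails (for example when
# Vault is already initialised).
init_tmp=$(mktemp "${init_file}.XXXXXX")
tmp_files+=("${init_tmp}")
vault operator init -key-shares=5 -key-threshold=3 > "${init_tmp}"
mv -f -- "${init_tmp}" "${init_file}"

echo " "

# The first three lines of the init output carry the keys in field 4; three
# keys satisfy -key-threshold=3.
mapfile -t unseal_keys < <(awk 'NR <= 3 {print $4}' "${init_file}")
if ((${#unseal_keys[@]} != 3)); then
  echo "error: expected 3 unseal keys in ${init_file}" >&2
  exit 1
fi
for vault_key in "${unseal_keys[@]}"; do
  if [[ -z "${vault_key}" ]]; then
    echo "error: empty unseal key parsed from ${init_file}" >&2
    exit 1
  fi
done

unit_ips=$(juju status vault --format json \
  | jq -r '.applications.vault.units | to_entries[] | .value."public-address"')
mapfile -t ips <<< "${unit_ips}"

for ip in "${ips[@]}"; do
  [[ -n "${ip}" ]] || continue
  export VAULT_ADDR="http://${ip}:8200"
  printf 'export VAULT_ADDR=%s\n' "${VAULT_ADDR}"
  for i in "${!unseal_keys[@]}"; do
    # Log progress without the key itself, so keys do not end up in terminal
    # scrollback or CI logs.
    printf 'vault operator unseal -tls-skip-verify <unseal key %d>\n' "$((i + 1))"
    vault operator unseal -tls-skip-verify "${unseal_keys[i]}"
  done
done

initial_token=$(awk '/Initial/ {print $4}' "${init_file}")
if [[ -z "${initial_token}" ]]; then
  echo "error: no initial root token found in ${init_file}" >&2
  exit 1
fi
export VAULT_TOKEN="${initial_token}"

# Same temp-then-rename pattern, so a failed call leaves any earlier file intact.
token_tmp=$(mktemp "${token_file}.XXXXXX")
tmp_files+=("${token_tmp}")
vault token create -ttl=10m > "${token_tmp}"
mv -f -- "${token_tmp}" "${token_file}"

token=$(awk '$1 == "token" {print $2; exit}' "${token_file}")
if [[ -z "${token}" ]]; then
  echo "error: no token found in ${token_file}" >&2
  exit 1
fi

# The token is passed as a command-line argument; it expires after 10 minutes.
juju run-action --wait vault/leader authorize-charm "token=${token}"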