2022-01-11 14:33:19 +00:00
|
|
|
[Unit]
|
|
|
|
|
Description=Vault Container
|
|
|
|
|
After=docker.service
|
|
|
|
|
After=dockerdata.mount
|
|
|
|
|
Requires=docker.service
|
|
|
|
|
Requires=dockerdata.mount
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
TimeoutStartSec=0
|
|
|
|
|
Restart=always
|
|
|
|
|
ExecStartPre=-/usr/bin/docker stop vault
|
|
|
|
|
ExecStartPre=-/usr/bin/docker rm vault
|
|
|
|
|
ExecStartPre=-/usr/bin/docker pull vault:latest
|
|
|
|
|
ExecStart=/usr/bin/docker run \
|
|
|
|
|
-e VAULT_DISABLE_MLOCK=true \
|
2022-01-11 15:34:19 +00:00
|
|
|
-e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "listener": [{"tcp":{"address": "0.0.0.0:8200", "tls_disable": "true"}}], "default_lease_ttl": "168h", "max_lease_ttl": "720h", "ui": "true"}' \
|
2022-01-11 14:33:19 +00:00
|
|
|
-e "VAULT_API_ADDR=https://vault.t-juice.club" \
|
|
|
|
|
-l "traefik.enable=true" \
|
|
|
|
|
-l "traefik.http.routers.vault.rule=Host(`vault.t-juice.club`)" \
|
|
|
|
|
-l "traefik.http.routers.vault.tls=true" \
|
|
|
|
|
-l "traefik.http.routers.vault.tls.certresolver=le" \
|
2022-01-11 15:23:20 +00:00
|
|
|
-l "traefik.http.services.vault.loadbalancer.server.port=8200" \
|
2022-01-11 14:33:19 +00:00
|
|
|
-v /dockerdata/vault:/vault/file \
|
|
|
|
|
--network proxy \
|
|
|
|
|
--name vault vault:latest server
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=multi-user.target
|
