Initial vault agent configuration

2025-09-11 17:08:03 +09:00
commit 8cb0384c54
13 changed files with 196 additions and 0 deletions
--- a/agent.hcl
+++ b/agent.hcl
@@ -0,0 +1,31 @@
+pid_file = "/home/kaffa/vault/pidfile"
+
+vault {
+  address = "https://vault.anvil.it.com"
+}
+
+auto_auth {
+  method "approle" {
+    config = {
+      role_id_file_path = "/home/kaffa/vault/config/role-id"
+      secret_id_file_path = "/home/kaffa/vault/config/secret-id"
+      remove_secret_id_file_after_reading = false
+    }
+  }
+
+  sink "file" {
+    config = {
+      path = "/home/kaffa/vault/vault-token"
+      mode = 0644
+    }
+  }
+}
+
+cache {
+  use_auto_auth_token = true
+}
+
+listener "tcp" {
+  address = "127.0.0.1:8007"
+  tls_disable = true
+}