Initial vault agent configuration

2025-09-11 17:08:03 +09:00
commit 8cb0384c54
13 changed files with 196 additions and 0 deletions
--- a/vault-env.sh
+++ b/vault-env.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# Vault environment configuration for bash/zsh
+
+# Vault server address
+export VAULT_ADDR="https://vault.anvil.it.com"
+
+# Use token from systemd service
+export VAULT_TOKEN=$(cat /var/lib/vault/vault-token 2>/dev/null || echo "")
+
+# Skip TLS verification if needed
+export VAULT_SKIP_VERIFY=true
+
+# Vault functions
+vault-status() {
+    echo "Vault Address: $VAULT_ADDR"
+    echo "Token Status: $(vault token lookup -format=json 2>/dev/null | jq -r '.data.ttl // "Invalid/Expired"')"
+    systemctl is-active vault-agent >/dev/null && echo "Agent Status: Running" || echo "Agent Status: Not Running"
+}
+
+vault-refresh-token() {
+    export VAULT_TOKEN=$(cat /var/lib/vault/vault-token 2>/dev/null || echo "")
+    echo "Token refreshed from agent"
+}
+
+alias vs='vault-status'
+alias vr='vault-refresh-token'