# Vault environment configuration for fish shell

# Vault server address
set -gx VAULT_ADDR "https://vault.anvil.it.com"

# Use token from systemd service
set -gx VAULT_TOKEN (cat /var/lib/vault/vault-token 2>/dev/null; or echo "")

# Skip TLS verification if needed
set -gx VAULT_SKIP_VERIFY true

# Vault functions
function vault-status
    echo "Vault Address: $VAULT_ADDR"
    set token_ttl (vault token lookup -format=json 2>/dev/null | jq -r '.data.ttl // "Invalid/Expired"')
    echo "Token Status: $token_ttl"
    if systemctl is-active vault-agent >/dev/null
        echo "Agent Status: Running"
    else
        echo "Agent Status: Not Running"
    end
end

function vault-refresh-token
    set -gx VAULT_TOKEN (cat /var/lib/vault/vault-token 2>/dev/null; or echo "")
    echo "Token refreshed from agent"
end

# Aliases
alias vs='vault-status'
alias vr='vault-refresh-token'