Bridgeman-Accessible/custom-hashicorp-vault
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added loading unseal keys on restart
All checks were successful
Build and deploy Bridgeman Accessible Hashicorp Vault Implementation / deploy (push) Successful in 15s
Details

Browse source
This commit is contained in:
Alan Bridgeman 2025-12-28 16:23:04 -06:00
parent 3e1cf563a8
commit d7f4a94362
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
setup-scripts/prod-setup.py
View file

@ -192,6 +192,16 @@ def main():
else: else:
print('Vault is already initialized. Skipping initialization and setup...') print('Vault is already initialized. Skipping initialization and setup...')
if os.path.exists('/vault/creds/unseal-keys'):
unseal_keys = []
with open('/vault/creds/unseal-keys', 'r') as f:
unseal_keys = f.read().splitlines()
initializer.unseal_keys = unseal_keys
else:
raise RuntimeError('Unseal keys file is missing. Cannot unseal the vault.')
# Check if the vault is already unsealed (we assume it's already setup properly if it is) # Check if the vault is already unsealed (we assume it's already setup properly if it is)
if initializer.is_vault_sealed(): if initializer.is_vault_sealed():
initializer.unseal_vault() initializer.unseal_vault()