mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-09 19:29:29 +08:00
46c675cd5f
Integrates Vault PKI service as a service addon. Also adds some helper scripts to help setup the CA in Vault, as well as some docs to explain how to use them. Originally based from https://github.com/mteodor/vault. Signed-off-by: Joao Matos <joao@tritao.eu> Co-authored-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>
43 lines
1.3 KiB
YAML
43 lines
1.3 KiB
YAML
# Copyright (c) Mainflux
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
# This docker-compose file contains optional Vault service for Mainflux platform.
|
|
# Since this is optional, this file is dependent of docker-compose file
|
|
# from <project_root>/docker. In order to run these services, execute command:
|
|
# docker-compose -f docker/docker-compose.yml -f docker/addons/vault/docker-compose.yml up
|
|
# from project root. Vault default port (8200) is exposed, so you can use Vault CLI tool for
|
|
# vault inspection and administration, as well as access the UI.
|
|
|
|
version: '3.7'
|
|
|
|
networks:
|
|
docker_mainflux-base-net:
|
|
external: true
|
|
|
|
volumes:
|
|
mainflux-vault-volume:
|
|
|
|
services:
|
|
vault:
|
|
image: vault:latest
|
|
container_name: mainflux-vault
|
|
ports:
|
|
- ${MF_VAULT_PORT}:8200
|
|
networks:
|
|
- docker_mainflux-base-net
|
|
volumes:
|
|
- mainflux-vault-volume:/vault/file
|
|
- mainflux-vault-volume:/vault/logs
|
|
- ./config.hcl:/vault/config/config.hcl
|
|
- ./entrypoint.sh:/entrypoint.sh
|
|
environment:
|
|
VAULT_ADDR: http://127.0.0.1:${MF_VAULT_PORT}
|
|
MF_VAULT_PORT: ${MF_VAULT_PORT}
|
|
MF_VAULT_UNSEAL_KEY_1: ${MF_VAULT_UNSEAL_KEY_1}
|
|
MF_VAULT_UNSEAL_KEY_2: ${MF_VAULT_UNSEAL_KEY_2}
|
|
MF_VAULT_UNSEAL_KEY_3: ${MF_VAULT_UNSEAL_KEY_3}
|
|
entrypoint: /bin/sh
|
|
command: /entrypoint.sh
|
|
cap_add:
|
|
- IPC_LOCK
|