jesus/provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
provisioning/schemas/platform/configs/vault-service.enterprise.ncl

53 lines
1.1 KiB
Plaintext
Raw Normal View History

chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/
2026-01-08 09:55:37 +00:00
# Vault Service - Enterprise Mode Configuration
# Production HA, etcd cluster backend, full security
let vault_schema = import "../schemas/vault-service.ncl" in
{
vault | vault_schema.VaultServiceConfig = {
server = {
host = "0.0.0.0",
port = 8200,
workers = 16,
keep_alive = 75,
max_connections = 500,
},
storage = {
backend = "etcd",
path = "/var/lib/provisioning/vault/data",
encryption_key_path = "/var/lib/provisioning/vault/master.key",
},
vault = {
server_url = "https://vault-ha:8200",
storage_backend = "etcd",
deployment_mode = "Service",
mount_point = "transit",
key_name = "provisioning-enterprise",
tls_verify = true,
tls_ca_cert = "/etc/vault/ca.crt",
},
ha = {
enabled = true,
mode = "raft",
},
security = {
encryption_algorithm = "aes-256-gcm",
key_rotation_days = 30,
},
monitoring = {
enabled = true,
metrics_interval = 30,
},
logging = {
level = "info",
format = "json",
},
},
}
Reference in New Issue Copy Permalink