59 lines
1.2 KiB
Text
59 lines
1.2 KiB
Text
# Vault Service Default Configuration
|
|
|
|
let vault_schema = import "../vault-service.ncl" in
|
|
|
|
{
|
|
vault_service | vault_schema.VaultServiceConfig = {
|
|
server = {
|
|
host = "127.0.0.1",
|
|
port = 9094,
|
|
workers = 4,
|
|
keep_alive = 75,
|
|
max_connections = 100,
|
|
},
|
|
|
|
storage = {
|
|
backend = "filesystem",
|
|
path = "/var/lib/provisioning/vault/data",
|
|
encryption_key_path = "/var/lib/provisioning/vault/master.key",
|
|
},
|
|
|
|
vault = {
|
|
server_url = "http://localhost:9094",
|
|
storage_backend = "filesystem",
|
|
deployment_mode = "Embedded",
|
|
mount_point = "transit",
|
|
key_name = "provisioning-master",
|
|
tls_verify = false,
|
|
},
|
|
|
|
ha = {
|
|
enabled = false,
|
|
mode = "raft",
|
|
},
|
|
|
|
security = {
|
|
encryption_algorithm = "aes-256-gcm",
|
|
key_rotation_days = 90,
|
|
},
|
|
|
|
monitoring = {
|
|
enabled = false,
|
|
metrics_interval = 60,
|
|
},
|
|
|
|
logging = {
|
|
level = "info",
|
|
format = "json",
|
|
},
|
|
|
|
# Docker Build Configuration
|
|
build = {
|
|
package = "vault-service",
|
|
binary = "provisioning-vault-service",
|
|
port = 9094,
|
|
features = [],
|
|
extra_runtime_pkgs = ["libssl3"],
|
|
},
|
|
},
|
|
}
|