kacerr/home-kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault: deployment manifest, some docs, backup script - expected to run

Browse Source 
on docker host
This commit is contained in:
Jan Novak
2026-01-14 14:48:09 +01:00
parent b5e1f4b737
commit 90a44bd59f
9 changed files with 214 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
docker-30/vault/backup.md Normal file
View File

@@ -0,0 +1,35 @@
## vault-cli install
```bash
VAULT_VERSION="1.21.2"
wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip
unzip vault_${VAULT_VERSION}_linux_amd64.zip
sudo mv vault /usr/local/bin/
```
## minio-cli
```bash
wget https://dl.min.io/client/mc/release/linux-amd64/mc -O /tmp/minio-cli
chmod +x /tmp/minio-cli
sudo mv /tmp/minio-cli /usr/local/bin/minio-cli
minio-cli alias set synology http://192.168.0.2:9000 k8s ----proper secret here----
```
## backup token
```bash
mkdir -p /etc/vault.d/
vault policy write backup - <<EOF
path "sys/storage/raft/snapshot" {
capabilities = ["read"]
}
EOF
vault token create -policy=backup -period=8760h -orphan > /etc/vault.d/backup-token
chmod 600 /etc/vault.d/backup-token
```