diff --git a/security/vault/vault-config.md b/security/vault/vault-config.md new file mode 100644 index 0000000..71d7314 --- /dev/null +++ b/security/vault/vault-config.md @@ -0,0 +1,56 @@ +# Vault Configuration + +## 🌐 访问信息 + +### Vault地址 +- **Web UI**: https://vault.git-4ta.live/ui/ +- **API**: https://vault.git-4ta.live/v1/ +- **CLI**: `export VAULT_ADDR="https://vault.git-4ta.live"` + +### 集群信息 +- **集群名称**: vault-cluster +- **存储后端**: Consul +- **HA模式**: 启用 +- **版本**: 1.20.4 + +## 🔧 已配置的存储 + +### KV存储引擎 +- **路径**: `secret/` +- **类型**: kv-v2 +- **状态**: 已启用 + +### 已存储的配置 +- **Grafana API Token**: `secret/grafana` +- **Cloudflare Tokens**: `secret/cloudflare` + +## 📋 常用命令 + +### 查看存储的配置 +```bash +vault kv get secret/grafana +vault kv get secret/cloudflare +``` + +### 列出所有存储 +```bash +vault kv list secret/ +``` + +### 添加新配置 +```bash +vault kv put secret/new-config key="value" +``` + +## 🚀 部署信息 + +### Nomad Job +- **Job名称**: vault-single-nomad +- **部署节点**: warden, ch4, ash3c +- **端口**: 8200 +- **自动解封**: 已配置 + +### 健康检查 +```bash +curl -k -s https://vault.git-4ta.live/v1/sys/health | jq +``` diff --git a/security/vault/vault-keys.md b/security/vault/vault-keys.md new file mode 100644 index 0000000..b6279c3 --- /dev/null +++ b/security/vault/vault-keys.md @@ -0,0 +1,46 @@ +# Vault Keys and Tokens + +## 🔑 Unseal Keys (5个) + +``` +Unseal Key 1: AzvGBl4DKDVMlA4eaKCziB2vGsaRFR5lTel3MIO3H6Ym +Unseal Key 2: 9gi5x7pctTp84NZNQJNDK+XXwBze41UR4J8m9HMyV33c +Unseal Key 3: kKmNVr3UQ7v2TosOOQJmvvUs8r68wm+N4k7SoerZ5Xqp +Unseal Key 4: dopmiAQGjMvcPWtj4/89oMa0vt7YMHPiktspmLNfoR/R +Unseal Key 5: 9cf34x2neGESGAq8pSpmbiXUPbh2PXWn3J0OIDKy3Svl +``` + +## 🎫 Root Token + +``` +hvs.nLqetAjsC2xTXmY4WQyFmPWg +``` + +## 📝 使用说明 + +### 解封Vault (需要3个keys) +```bash +export VAULT_ADDR="https://vault.git-4ta.live" +vault operator unseal +vault operator unseal +vault operator unseal +``` + +### 登录Vault +```bash +vault login hvs.nLqetAjsC2xTXmY4WQyFmPWg +``` + +### 访问Vault UI +``` +https://vault.git-4ta.live/ui/ +``` + +## 📅 创建时间 +2025-10-12 09:22 UTC + +## 🏷️ 标签 +- Vault版本: 1.20.4 +- 存储类型: Consul +- HA模式: 启用 +- 集群名称: vault-cluster