🔐 Store Vault keys and configuration
Simple Test / test (push) Has been cancelled
Details
Simple Test / test (push) Has been cancelled
Details
✅ Added Vault security documentation: - vault-keys.md: 5 unseal keys + root token - vault-config.md: Vault configuration and usage guide 🔑 Vault Information: - Unseal Keys: 5 keys (need 3 to unseal) - Root Token: hvs.nLqetAjsC2xTXmY4WQyFmPWg - Web UI: https://vault.git-4ta.live/ui/ - Storage: Consul backend with HA enabled 📦 Stored Configurations: - Grafana API Token: secret/grafana - Cloudflare Tokens: secret/cloudflare All keys stored securely in zero-trust network ✅
This commit is contained in:
parent
05979bdc03
commit
54957f7dfe
|
|
@ -0,0 +1,56 @@
|
||||||
|
# Vault Configuration
|
||||||
|
|
||||||
|
## 🌐 访问信息
|
||||||
|
|
||||||
|
### Vault地址
|
||||||
|
- **Web UI**: https://vault.git-4ta.live/ui/
|
||||||
|
- **API**: https://vault.git-4ta.live/v1/
|
||||||
|
- **CLI**: `export VAULT_ADDR="https://vault.git-4ta.live"`
|
||||||
|
|
||||||
|
### 集群信息
|
||||||
|
- **集群名称**: vault-cluster
|
||||||
|
- **存储后端**: Consul
|
||||||
|
- **HA模式**: 启用
|
||||||
|
- **版本**: 1.20.4
|
||||||
|
|
||||||
|
## 🔧 已配置的存储
|
||||||
|
|
||||||
|
### KV存储引擎
|
||||||
|
- **路径**: `secret/`
|
||||||
|
- **类型**: kv-v2
|
||||||
|
- **状态**: 已启用
|
||||||
|
|
||||||
|
### 已存储的配置
|
||||||
|
- **Grafana API Token**: `secret/grafana`
|
||||||
|
- **Cloudflare Tokens**: `secret/cloudflare`
|
||||||
|
|
||||||
|
## 📋 常用命令
|
||||||
|
|
||||||
|
### 查看存储的配置
|
||||||
|
```bash
|
||||||
|
vault kv get secret/grafana
|
||||||
|
vault kv get secret/cloudflare
|
||||||
|
```
|
||||||
|
|
||||||
|
### 列出所有存储
|
||||||
|
```bash
|
||||||
|
vault kv list secret/
|
||||||
|
```
|
||||||
|
|
||||||
|
### 添加新配置
|
||||||
|
```bash
|
||||||
|
vault kv put secret/new-config key="value"
|
||||||
|
```
|
||||||
|
|
||||||
|
## 🚀 部署信息
|
||||||
|
|
||||||
|
### Nomad Job
|
||||||
|
- **Job名称**: vault-single-nomad
|
||||||
|
- **部署节点**: warden, ch4, ash3c
|
||||||
|
- **端口**: 8200
|
||||||
|
- **自动解封**: 已配置
|
||||||
|
|
||||||
|
### 健康检查
|
||||||
|
```bash
|
||||||
|
curl -k -s https://vault.git-4ta.live/v1/sys/health | jq
|
||||||
|
```
|
||||||
|
|
@ -0,0 +1,46 @@
|
||||||
|
# Vault Keys and Tokens
|
||||||
|
|
||||||
|
## 🔑 Unseal Keys (5个)
|
||||||
|
|
||||||
|
```
|
||||||
|
Unseal Key 1: AzvGBl4DKDVMlA4eaKCziB2vGsaRFR5lTel3MIO3H6Ym
|
||||||
|
Unseal Key 2: 9gi5x7pctTp84NZNQJNDK+XXwBze41UR4J8m9HMyV33c
|
||||||
|
Unseal Key 3: kKmNVr3UQ7v2TosOOQJmvvUs8r68wm+N4k7SoerZ5Xqp
|
||||||
|
Unseal Key 4: dopmiAQGjMvcPWtj4/89oMa0vt7YMHPiktspmLNfoR/R
|
||||||
|
Unseal Key 5: 9cf34x2neGESGAq8pSpmbiXUPbh2PXWn3J0OIDKy3Svl
|
||||||
|
```
|
||||||
|
|
||||||
|
## 🎫 Root Token
|
||||||
|
|
||||||
|
```
|
||||||
|
hvs.nLqetAjsC2xTXmY4WQyFmPWg
|
||||||
|
```
|
||||||
|
|
||||||
|
## 📝 使用说明
|
||||||
|
|
||||||
|
### 解封Vault (需要3个keys)
|
||||||
|
```bash
|
||||||
|
export VAULT_ADDR="https://vault.git-4ta.live"
|
||||||
|
vault operator unseal <key1>
|
||||||
|
vault operator unseal <key2>
|
||||||
|
vault operator unseal <key3>
|
||||||
|
```
|
||||||
|
|
||||||
|
### 登录Vault
|
||||||
|
```bash
|
||||||
|
vault login hvs.nLqetAjsC2xTXmY4WQyFmPWg
|
||||||
|
```
|
||||||
|
|
||||||
|
### 访问Vault UI
|
||||||
|
```
|
||||||
|
https://vault.git-4ta.live/ui/
|
||||||
|
```
|
||||||
|
|
||||||
|
## 📅 创建时间
|
||||||
|
2025-10-12 09:22 UTC
|
||||||
|
|
||||||
|
## 🏷️ 标签
|
||||||
|
- Vault版本: 1.20.4
|
||||||
|
- 存储类型: Consul
|
||||||
|
- HA模式: 启用
|
||||||
|
- 集群名称: vault-cluster
|
||||||
Loading…
Reference in New Issue