32 lines
1.1 KiB
Bash
Executable File
32 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
||
# 显示开发环境Vault密钥信息
|
||
|
||
echo "===== Vault开发环境密钥信息 ====="
|
||
|
||
# 检查密钥文件是否存在
|
||
if [ ! -f "/root/mgmt/security/secrets/vault/dev/init_keys.json" ]; then
|
||
echo "错误:Vault密钥文件不存在"
|
||
echo "请先运行初始化脚本:/root/mgmt/deployment/scripts/init_vault_dev.sh"
|
||
exit 1
|
||
fi
|
||
|
||
# 显示密钥信息
|
||
echo "Vault开发环境密钥信息:"
|
||
echo "----------------------------------------"
|
||
|
||
# 提取并显示解封密钥
|
||
unseal_key=$(cat /root/mgmt/security/secrets/vault/dev/init_keys.json | grep -o '"unseal_keys_b64":\["[^"]*"' | cut -d '"' -f4)
|
||
echo "解封密钥: $unseal_key"
|
||
|
||
# 提取并显示根令牌
|
||
root_token=$(cat /root/mgmt/security/secrets/vault/dev/init_keys.json | grep -o '"root_token":"[^"]*"' | cut -d '"' -f4)
|
||
echo "根令牌: $root_token"
|
||
|
||
echo "----------------------------------------"
|
||
echo "环境变量设置命令:"
|
||
echo "export VAULT_ADDR='http://100.117.106.136:8200'"
|
||
echo "export VAULT_TOKEN='$root_token'"
|
||
|
||
echo ""
|
||
echo "注意:这是开发环境配置,仅用于测试目的"
|
||
echo "生产环境请遵循安全策略文档中的建议" |