Last active
April 3, 2020 22:42
-
-
Save vishalnayak/ede786fe91f775868c93dabc1342453e to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -aex | |
| pkill -9 vault || true | |
| sleep 2s | |
| cat > /tmp/vaultconfig.hcl -<<EOF | |
| storage "raft" { | |
| path = "/tmp/raft1" | |
| node_id = "raft1" | |
| } | |
| listener "tcp" { | |
| address = "127.0.0.1:8200" | |
| tls_disable = true | |
| } | |
| cluster_addr = "http://127.0.0.1:8201" | |
| disable_mlock = true | |
| pid_file = "/tmp/vault.pid" | |
| EOF | |
| rm -rf /tmp/raft1 | |
| rm -rf /tmp/raft2 | |
| rm -rf /tmp/raft3 | |
| mkdir /tmp/raft1 | |
| mkdir /tmp/raft2 | |
| mkdir /tmp/raft3 | |
| VAULT_API_ADDR=http://127.0.0.1:8200 vault server -log-level=trace -config /tmp/vaultconfig.hcl > /tmp/raft1.log 2>&1 & | |
| while ! nc -w 1 localhost 8200 </dev/null; do sleep 1; done | |
| initResult=$(vault operator init -format json -key-shares 1 -key-threshold 1) | |
| unsealKey=$(echo -n $initResult | jq -r '.unseal_keys_b64[0]') | |
| rootToken=$(echo -n $initResult | jq -r '.root_token') | |
| vault operator unseal $unsealKey | |
| sleep 10s | |
| vault status | |
| vault login $rootToken | |
| vault secrets enable kv | |
| vault kv put kv/foo bar=baz | |
| kill -9 $(cat /tmp/vault.pid) | |
| cat > /tmp/raft1/raft/peers.json -<<EOF | |
| [ | |
| { | |
| "id": "raft1", | |
| "address": "127.0.0.1:8201", | |
| "non_voter": true | |
| } | |
| ] | |
| EOF | |
| VAULT_API_ADDR=http://127.0.0.1:8200 vault server -log-level=trace -config /tmp/vaultconfig.hcl > /tmp/recovered.log 2>&1 & | |
| while ! nc -w 1 localhost 8200 </dev/null; do sleep 1; done | |
| vault operator unseal $unsealKey |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment