Skip to content

Latest commit

 

History

History
54 lines (41 loc) · 1.06 KB

README.md

File metadata and controls

54 lines (41 loc) · 1.06 KB

vault

A container to backup consul to s3. Backup runs on interval and has http trigger with auth.

Next steps:

  • Improve error handling
  • Get temp AWS creds from vault

Usage

Build and push container

$ make push

Helm chart

NOTE depends on nginx-ingress, external-dns, and kube-lego

Helm Deployment

Set config and secrets in values.yaml

consul:
  address: http://consul-consul.vault:8500
  backup_interval: 86400
aws:
  access_key: <access_key>
  secret_key: <secret_key>
  s3_bucket: <s3_bucket>
$ make deploy

Delete

$ make delete

Remote trigger

NOTE uses vault userpass for auth

$ vault auth-enable userpass
$ vault write auth/userpass/users/${VAULT_USER} \
  password=${VAULT_PASS} \
  policies=default
$ curl -u ${VAULT_USER}:${VAULT_PASS} https://${SERVICE}.${DOMAIN}