summaryrefslogtreecommitdiffstats
path: root/vault.service
blob: 70a2721482dcf4eae31732dd1e4a697538cf57d5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[Unit]
Description=Vault secret management service
After=network.target

[Service]
User=vault
Group=vault
WorkingDirectory=/var/lib/vault/
EnvironmentFile=/etc/sysconfig/vault
Environment=SHELL=/bin/bash
ExecStart=/bin/bash -c "export GOMAXPROCS=$$(nproc); exec /usr/bin/vault server $VAULT_SERVER_OPTS -config ${VAULT_CONFIG}"
ExecStartPost=/bin/bash -c "cat $VAULT_KEYS | sed -e 's/#.*$//' -e '/^\s*$/d' | while read key; do /usr/bin/vault unseal -address ${VAULT_ADDR} $VAULT_UNSEAL_OPTS $${key}; done"
CapabilityBoundingSet=CAP_IPC_LOCK
Restart=on-failure
SyslogIdentifier=vault

[Install]
WantedBy=multi-user.target