32 lines
637 B
Markdown
32 lines
637 B
Markdown
# Vault Setup
|
|
|
|
This folder is intended for Dokploy deployment via `Dockerfile` (not docker-compose).
|
|
|
|
## Build/Run
|
|
|
|
Container image uses `vault/config/vault.hcl` and starts:
|
|
|
|
```bash
|
|
vault server -config=/vault/config/vault.hcl
|
|
```
|
|
|
|
Required runtime settings in Dokploy:
|
|
|
|
- add capability: `IPC_LOCK`
|
|
- mount persistent volume to `/vault/data`
|
|
- expose port `8200` (API)
|
|
- optionally expose `8201` (cluster)
|
|
|
|
## KV Layout
|
|
|
|
Vault stores environment variables in KV v2 under:
|
|
|
|
- `secret/shared/<env>`
|
|
- `secret/projects/<project>/<env>`
|
|
|
|
Examples:
|
|
|
|
- `secret/shared/prod`
|
|
- `secret/projects/backend/prod`
|
|
- `secret/projects/frontend/prod`
|