flibusta-apps/vault-unseal-docker
1
0
Fork 0
mirror of https://github.com/flibusta-apps/vault-unseal-docker.git synced 2025-12-06 14:45:37 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
617cc8ef88a5a47cf2b240ca05a495d3376f2b7e
vault-unseal-docker/vault-unseal.sh
Brett Jones 87f91bdd4c fix bash/sh issues, update docs
2017-01-16 13:43:43 -06:00

38 lines
1.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
VAULT_KEYS="$VAULT_UNSEAL_KEY_1 $VAULT_UNSEAL_KEY_2 $VAULT_UNSEAL_KEY_3 $VAULT_UNSEAL_KEY_4 $VAULT_UNSEAL_KEY_5 $VAULT_UNSEAL_KEY_6 $VAULT_UNSEAL_KEY_7 $VAULT_UNSEAL_KEY_8 $VAULT_UNSEAL_KEY_9 $VAULT_UNSEAL_KEY_10 $VAULT_UNSEAL_KEY_11 $VAULT_UNSEAL_KEY_12 $VAULT_UNSEAL_KEY_13 $VAULT_UNSEAL_KEY_14 $VAULT_UNSEAL_KEY_15"
i=0
for k in $VAULT_KEYS; do
# https://github.com/hashicorp/vault/blob/c44f1c9817955d4c7cd5822a19fb492e1c2d0c54/command/status.go#L107
# code reflects the seal status (0 unsealed, 2 sealed, 1 error).
i=$((i+1))
vault status;
st=$?
if [ $st -eq 0 ]; then
echo "vault is unsealed"
exit 0
elif [ $st -eq 2 ]; then
echo "vault is sealed"
echo "unsealing with key $i"
if [ -z "$k" ]; then
echo "ran out of vault uneal keys at $i (VAULT_UNSEAL_KEY_$i is missing). terminating..."
exit 1
fi
vault unseal "$k" > /dev/null
code=$?
if [ $? -ne 0 ] ; then
echo "unseal returned a bad exit code ($code). terminating..."
exit $code
fi
elif [ $st -eq 1 ]; then
echo "vault returned an error"
exit 1
fi
done
Reference in New Issue View Git Blame Copy Permalink