fix: wrong vault values yaml format was not configuring right

NIAEFEUP · Aug 14, 2024 · 784cd22 · 784cd22
1 parent 76fbc43
commit 784cd22
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 35 deletions.
diff --git a/services/vault/vault-dev-values.yaml b/services/vault/vault-dev-values.yaml
@@ -11,13 +11,5 @@ ui:
   targetPort: 8200
   externalPort: 8200
 
-ha:
-  enabled: true
-  raft:
-    enabled: true
-
-volumes:
-  - name: vault-secrets-volume  
-
 injector:
   enabled: "false"
diff --git a/services/vault/vault-prod-values.yaml b/services/vault/vault-prod-values.yaml
@@ -16,41 +16,42 @@ server:
     - name: tls
       mountPath: "/opt/vault/tls"
       readOnly: true
+  dataStorage:
+    enabled: true
+    size: 2Gi
+    storageClass: longhorn-locality-retain
+    mountPath: "/opt/vault/raft"
+    accessMode: ReadWriteOnce
+  ha:
+    enabled: true
+    raft:
+      enabled: true
+      replicas: 3
+      setNodeId: true
+      config: |
+        ui = true
+        disable_mlock = true # avoids out of memory errors by blocking swapping of its virtual pages
+    
+        listener "tcp" {
+          address = "0.0.0.0:8200"
+          cluster_address = "0.0.0.0:8201"
+          tls_disable = "false"
+          tls_cert_file      = "/opt/vault/tls/tls.crt"
+          tls_key_file       = "/opt/vault/tls/tls.key"
+          tls_client_ca_file = "/opt/vault/tls/ca.crt" # certificate of the CA root
+        }
+
+        storage "raft" {
+          path = "/opt/vault/raft"
+        }
 
 ui:
   enabled: true
   serviceType: "LoadBalancer"
   targetPort: 8200
   externalPort: 8200
 
-dataStorage:
-  enabled: true
-  size: 2Gi
-  storageClass: longhorn-locality-retain
-  mountPath: "/opt/vault/raft"
-  accessMode: ReadWriteOnce
 
-ha:
-  enabled: true
-  config: |
-    ui = true
-    disable_mlock = true # avoids out of memory errors by blocking swapping of its virtual pages
-    
-    listener "tcp" {
-      address = "0.0.0.0:8200"
-      cluster_address = "0.0.0.0:8201"
-      tls_disable = false
-      tls_cert_file      = "/opt/vault/tls/tls.crt"
-      tls_key_file       = "/opt/vault/tls/tls.key"
-      tls_client_ca_file = "/opt/vault/tls/ca.crt" # certificate of the CA root
-    }
-
-    storage "raft" {
-      path = "/opt/vault/raft"
-    }
-  raft:
-    enabled: true
-    replicas: 3
 
 injector:
   enabled: "false"