feat: add default vault config

add default vault config

Signed-off-by: weichou1229 <[email protected]>

compose-builder/add-security.yml

@@ -121,9 +121,16 @@ services:
       VAULT_UI: "true"
       SKIP_SETCAP: "true"
       VAULT_LOCAL_CONFIG: |
+        listener "tcp" { 
+          address = "edgex-vault:8200" 
+          tls_disable = "1" 
+          cluster_address = "edgex-vault:8201" 
+        } 
         backend "file" {
-            path = "/vault/file"
+          path = "/vault/file"
         }
+        default_lease_ttl = "168h" 
+        max_lease_ttl = "720h"
         disable_mlock = true
     volumes:
       - edgex-init:/edgex-init:ro

docker-compose-arm64.yml

@@ -1324,11 +1324,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

docker-compose-with-app-sample-arm64.yml

@@ -1401,11 +1401,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

docker-compose-with-app-sample.yml

@@ -1401,11 +1401,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

docker-compose-zero-trust-arm64.yml

@@ -1155,11 +1155,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

docker-compose-zero-trust.yml

@@ -1155,11 +1155,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

docker-compose.yml

@@ -1324,11 +1324,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-arm64.yml

@@ -2362,11 +2362,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-keeper-arm64.yml

@@ -2281,11 +2281,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-keeper.yml

@@ -2281,11 +2281,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-mqtt-bus-arm64.yml

@@ -2427,11 +2427,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml

@@ -2346,11 +2346,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-mqtt-bus-keeper.yml

@@ -2346,11 +2346,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-mqtt-bus.yml

@@ -2427,11 +2427,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-perf-arm64.yml

@@ -1714,11 +1714,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf-perf.yml

@@ -1714,11 +1714,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14

taf/docker-compose-taf.yml

@@ -2362,11 +2362,7 @@ services:
       STAGEGATE_WAITFOR_TIMEOUT: 60s
       VAULT_ADDR: http://edgex-vault:8200
       VAULT_CONFIG_DIR: /vault/config
-      VAULT_LOCAL_CONFIG: |
-        backend "file" {
-            path = "/vault/file"
-        }
-        disable_mlock = true
+      VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n  address = \"edgex-vault:8200\" \n  tls_disable = \"1\" \n  cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n  path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n"
       VAULT_UI: "true"
     hostname: edgex-vault
     image: hashicorp/vault:1.14