diff --git a/compose-builder/add-security.yml b/compose-builder/add-security.yml index 69bf9e92..7c303403 100644 --- a/compose-builder/add-security.yml +++ b/compose-builder/add-security.yml @@ -121,9 +121,16 @@ services: VAULT_UI: "true" SKIP_SETCAP: "true" VAULT_LOCAL_CONFIG: | + listener "tcp" { + address = "edgex-vault:8200" + tls_disable = "1" + cluster_address = "edgex-vault:8201" + } backend "file" { - path = "/vault/file" + path = "/vault/file" } + default_lease_ttl = "168h" + max_lease_ttl = "720h" disable_mlock = true volumes: - edgex-init:/edgex-init:ro diff --git a/docker-compose-arm64.yml b/docker-compose-arm64.yml index 74649dfe..5a140664 100644 --- a/docker-compose-arm64.yml +++ b/docker-compose-arm64.yml @@ -1324,11 +1324,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-with-app-sample-arm64.yml b/docker-compose-with-app-sample-arm64.yml index 12f9404d..c624bfb4 100644 --- a/docker-compose-with-app-sample-arm64.yml +++ b/docker-compose-with-app-sample-arm64.yml @@ -1401,11 +1401,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-with-app-sample.yml b/docker-compose-with-app-sample.yml index c13f418f..d29ec0cc 100644 --- a/docker-compose-with-app-sample.yml +++ b/docker-compose-with-app-sample.yml @@ -1401,11 +1401,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-zero-trust-arm64.yml b/docker-compose-zero-trust-arm64.yml index 9cde91cb..56090136 100644 --- a/docker-compose-zero-trust-arm64.yml +++ b/docker-compose-zero-trust-arm64.yml @@ -1155,11 +1155,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-zero-trust.yml b/docker-compose-zero-trust.yml index aeb727c5..6ac5ecda 100644 --- a/docker-compose-zero-trust.yml +++ b/docker-compose-zero-trust.yml @@ -1155,11 +1155,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose.yml b/docker-compose.yml index 9d3ab010..a19d406d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1324,11 +1324,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-arm64.yml b/taf/docker-compose-taf-arm64.yml index 99e54c59..36ec2d48 100644 --- a/taf/docker-compose-taf-arm64.yml +++ b/taf/docker-compose-taf-arm64.yml @@ -2362,11 +2362,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-keeper-arm64.yml b/taf/docker-compose-taf-keeper-arm64.yml index e3e28754..d5be2d9d 100644 --- a/taf/docker-compose-taf-keeper-arm64.yml +++ b/taf/docker-compose-taf-keeper-arm64.yml @@ -2281,11 +2281,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-keeper.yml b/taf/docker-compose-taf-keeper.yml index 2fa0885b..419d7a1c 100644 --- a/taf/docker-compose-taf-keeper.yml +++ b/taf/docker-compose-taf-keeper.yml @@ -2281,11 +2281,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-arm64.yml b/taf/docker-compose-taf-mqtt-bus-arm64.yml index 9c02dda4..1b230c1b 100644 --- a/taf/docker-compose-taf-mqtt-bus-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-arm64.yml @@ -2427,11 +2427,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml index 98b5d33f..aaf63ca8 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml @@ -2346,11 +2346,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-keeper.yml b/taf/docker-compose-taf-mqtt-bus-keeper.yml index e9c6e8a7..02878ede 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper.yml @@ -2346,11 +2346,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus.yml b/taf/docker-compose-taf-mqtt-bus.yml index 297f6e56..b232d602 100644 --- a/taf/docker-compose-taf-mqtt-bus.yml +++ b/taf/docker-compose-taf-mqtt-bus.yml @@ -2427,11 +2427,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-perf-arm64.yml b/taf/docker-compose-taf-perf-arm64.yml index 5f2b851d..843664b2 100644 --- a/taf/docker-compose-taf-perf-arm64.yml +++ b/taf/docker-compose-taf-perf-arm64.yml @@ -1714,11 +1714,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-perf.yml b/taf/docker-compose-taf-perf.yml index 5ca0eab4..a38d3540 100644 --- a/taf/docker-compose-taf-perf.yml +++ b/taf/docker-compose-taf-perf.yml @@ -1714,11 +1714,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf.yml b/taf/docker-compose-taf.yml index 7552ad32..16c4e788 100644 --- a/taf/docker-compose-taf.yml +++ b/taf/docker-compose-taf.yml @@ -2362,11 +2362,7 @@ services: STAGEGATE_WAITFOR_TIMEOUT: 60s VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config - VAULT_LOCAL_CONFIG: | - backend "file" { - path = "/vault/file" - } - disable_mlock = true + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14