vaultfs

command module

v0.0.3 Latest Latest Go to latest Published: Dec 6, 2016 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/wrouesnel/vaultfs

Links

Open Source Insights

README ¶

VaultFS

This is a fork of the original VaultFS project.

VaultFS mounts arbitrary Vault prefixes in a FUSE filesystem. It also provides a Docker volume plugin to the do the same for your containers.

Table of Contents

VaultFS
Mounting
Docker
License

Installation

go get github.com/wrouesnel/vaultfs
env GOOS=linux go build github.com/wrouesnel/vaultfs

Usage

VaultFS is one binary that can mount keys or run a Docker volume plugin to do so for containers. Run vaultfs --help to see options not documented here.

Mounting

Usage:
  vaultfs mount {mountpoint} [flags]

Flags:
  -r, --root string   root path for mountpoint (default "secret")

Global Flags:
      --config string            config file (default /etc/vaultfs)
      --log-destination string   log destination (file:/your/output, stdout:, journald:, or syslog://tag@host:port#protocol) (default "stdout:")
      --log-format string        log level (one of text or json) (default "text")
      --log-level string         log level (one of fatal, error, warn, info, or debug) (default "info")
  -t, --token string             The Vault Server token

To mount secrets, first create a mountpoint (mkdir test), then use vaultfs to mount:

vaultfs mount --address=http://localhost:8200 -t 3a749a17-528e-e4b1-c28a-62e54f0098ae test

Docker

Usage:
  vaultfs docker {mountpoint} [flags]

Flags:
  -a, --address string   vault address (default "https://localhost:8200")
  -i, --insecure         skip SSL certificate verification
  -s, --socket string    socket address to communicate with docker (default "/run/docker/plugins/vault.sock")
  -t, --token string     vault token

Global Flags:
      --config string            config file (default /etc/vaultfs)
      --log-destination string   log destination (file:/your/output, stdout:, journald:, or syslog://tag@host:port#protocol) (default "stdout:")
      --log-format string        log level (one of text or json) (default "text")
      --log-level string         log level (one of fatal, error, warn, info, or debug) (default "info")

To start the Docker plugin, create a directory to hold mountpoints (mkdir test), then use vaultfs to start the server. When Docker volumes request a volume (docker run --volume-driver vault --volume {prefix}:/container/secret/path), the plugin will create mountpoints and manage FUSE servers automatically.

vaultfs docker --address=http://localhost:8200 -t 3a749a17-528e-e4b1-c28a-62e54f0098ae test

License

VaultFS is licensed under an Apache 2.0 License (see also: LICENSE)

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
docker
fs
logutil
vaultapi

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL