This extension helps you to easily store and retrieve settings for your project.
The preferred way to install this extension through composer.
You can set the console
~$ composer require "nohnaimer/yii2-vault-project-configuration" --prefer-dist
or add
"require": {
"nohnaimer/yii2-vault-project-configuration": "0.1.*"
}
in require
section in composer.json
file.
For store php-fpm environment variables from system (macOS, Linux, Unix) need to uncomment clear_env = no string in /etc/php/php-fpm.d/www.conf
Need add environment variables:
VAULT_ADDR=https://vault.url/
VAULT_TOKEN=token
VAULT_KV_PATH=/kv
docker-compose example:
...
php:
image: php:latest
container_name: php
restart: on-failure
working_dir: /var/www
environment:
VAULT_ADDR: https://127:0:0:1:8200/
VAULT_TOKEN: hvs.hrpvk3rEpD2HaHckeb976Ppw
volumes:
- .:/var/www:cached
depends_on:
- postgres
...
And need to init key value storage in Hashicorp Vault use api or web gui with VAULT_KV_PATH string.
bootstrap.php
...
const PROJECT_CONFIGURATION_USE_DEFAULT = YII_ENV_DEV;
...
$db_name = config('db.name', 'site-db-name');
$db_host = config('db.host', 'localhost');
return [
'components' => [
'db' => [
'class' => 'yii\db\Connection',
'dsn' => "mysql:host={$db_host};dbname={$db_name}",
'username' => config('db.username', 'root'),
'password' => config('db.password', '****'),
'enableSchemaCache' => true,
'charset' => 'utf8',
],
],
];
Where is secret /kv/db and key name, host, username, password. Delimiter - .
Use yii2-setting classes to add or delete data from vault use yii2 migrations.
return [
'components' => [
'vault' => [
'class' => nohnaimer\config\storage\VaultStorage::class,
'kv' => [
'class' => nohnaimer\vault\services\KVv1::class,
'path' => '/kv',
'client' => [
'class' => nohnaimer\vault\Client::class,
'url' => 'url',
'token' => 'token',
],
],
],
],
];
You can use something like this:
class m221103_161325_vault_init extends Migration
{
/**
* {@inheritdoc}
*/
public function safeUp()
{
$vault = Yii::$app->vault;
//add
$vault->setValue('/my/secret/key', 'value');
//delete secret with all keys
$vault->deleteValue('/my/secret/key');
}
}
yii2-vault-project-configuration it is available under a BSD 3-Clause License. Detailed information can be found in the LICENSE.md
.