-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.yml
53 lines (50 loc) · 1.42 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
version: '3'
services:
vault:
build:
context: ./vault/src
container_name: vault
ports:
- 8200:8200
# environment:
# VAULT_REDIRECT_INTERFACE: eth0
cap_add:
- IPC_LOCK
volumes:
- ${PWD}/vault/data:/vault/data
networks:
default:
aliases:
- vault.example.com
vault-init:
build:
context: ./src
container_name: vault_init
environment:
VAULT_ENDPOINT: http://vault.example.com:8200
VAULT_ADMIN_PASSWORD: admin
VAULT_ADMIN_USERNAME: admin
# VAULT_UNSEAL_KEY_PATH: /vault/keys/unseal.key
AWS_KMS_KEY_ID: "key-id"
AWS_SECRET_ID: "vault-seal-key"
# AWS_ENDPOINT: http://host.docker.internal:4584
AWS_ACCESS_KEY_ID: " "
AWS_SECRET_ACCESS_KEY: " "
AWS_REGION: us-east-1
volumes:
- ${PWD}/vault/keys:/vault/keys
- ${PWD}/src/plugins/aws-secretsmanager-store.sh:/usr/local/bin/aws-secretsmanager-store.sh
- ${PWD}/src/plugins/aws-secretsmanager-retrieve.sh:/usr/local/bin/aws-secretsmanager-retrieve.sh
localstack:
image: localstack/localstack
container_name: localstack
ports:
- 4584:4584
environment:
- LOCALSTACK_SERVICES=secretsmanager
- DEBUG=1
- DATA_DIR=localstack/data
- DOCKER_HOST=unix:///var/run/docker.sock
volumes:
- ${PWD}/localstack/tmp:/tmp/localstack
- ${PWD}/localstack/data:/home/localstack/data