tepichord/evolved-npcs-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
evolved-npcs-infra/hc_vault/README.md
vandomej 517af2d402 Adding existing vault code
2025-09-27 19:13:52 -07:00

52 lines
No EOL
989 B
Markdown
Raw Blame History

# Setup
Make sure you have `podman` and `podman-compose` installed.
```bash
brew install podman podman-compose
```
Make sure the needed directories exists:
```bash
mkdir -p ./hc_vault/vault_data
mkdir -p ./hc_vault/certs
mkdir -p ./ssl-certs
```
Generate tailscale certs and place them in ssl-certs folder
```bash
tailscale cert <machine-name>.<network-name>
cp ~/Library/Containers/io.tailscale.ipn.macos/Data/<network-name>* ./
```
Then rename them to:
- tailscale-cert.crt
- tailscale-key.key
Then generate a self-signed root CA and use it to sign the Vault server cert:
```bash
brew install mkcert nss
mkcert -install
mkcert -key-file ./hc_vaut/certs/vault.key -cert-file ./hc_cault/certs/vault.crt \
"*.faun-snapper.ts.net" \
"faun-snapper.ts.net" \
127.0.0.1 \
"localhost" \
"::1" \
"vault"
# Copy Root CA cert as well
cp "$(mkcert -CAROOT)/rootCA.pem" ./hc_vault/certs/rootCA.pem
```
Then just run
```bash
podman-compose up -d
```
Reference in a new issue View git blame Copy permalink