Hello @Wolfsrudel!
And thanks again for the help!
I didn’t know that there was an official image of Vault on Docker Hub.
Now that I know that, I’ve created a docker-compose.yaml file like this:
version: '3.3'
services:
  vault:
    image: vault:latest
    ports:
      - 8200:8200
    volumes:
      - ./vault/config:/vault/config
      - ./vault/policies:/vault/policies
      - ./vault/data:/vault/data
      - ./vault/logs:/vault/logs
      - ./vault/volume_test/:/vault/volume_test
      - ./vault/certs:/vault/certs
    environment:
      - VAULT_ADDR=https://192.168.56.10:8200
    command:
      - "server"
    cap_add:
      - IPC_LOCK
I have my vault-config.hcl file:
backend "file" {
  path = "/var/lib/vault"
}
listener "tcp" {
  address = "0.0.0.0:8200"
  tls_disable = 0
  tls_cert_file = "/home/xxx/Vault-Docker/domain.crt"
  tls_key_file = "/home/xxx/Vault-Docker/domain.key"
}
ui = true
disable_mlock = true
api_addr = "https://192.168.56.10:8200"
If I run the docker-compose build command without the tls_cert_file and tls_key_file lines, and with https replaced by http in my docker-compose file and my vault.hcl file, everything works correctly.
If I run the docker-compose command with the tls_cert_file and tls_key_file lines and with https in place of http, the logs of my container are:
Error initializing listener of type tcp: error loading TLS cert: open /home/xxx/Vault-Docker/domain.crt: no such file or directory
Whereas when I run this command:
vault server -config vault-config.hcl
With the tls_cert_file and tls_key_file lines and with https in my files (as shown in the docker-compose.yaml file and vault-conf.hcl in this reply), everything works fine.
I do all my manipulations on an Ubuntu 20.04 VM in which I want to create a Docker container with Vault. I don’t really understand why in the first case (via the docker compose command) I can’t set up a container with Vault in HTTPS.
Thanks again for the help you provide to the beginner that I am.
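The "no such file or directory" error in the post can be checked for before starting the container. This is an added example, not code from the post or from the Vault project: it compares the TLS file paths in the listener block against the container-side targets of the compose volumes. The sample input is constructed from the files shown above, the function names are hypothetical, and files baked into the image itself are out of scope.

```python
import posixpath
import re

# Constructed sample input, copied from the compose file and HCL in the post above.
COMPOSE_VOLUMES = """\
- ./vault/config:/vault/config
- ./vault/policies:/vault/policies
- ./vault/data:/vault/data
- ./vault/logs:/vault/logs
- ./vault/volume_test/:/vault/volume_test
- ./vault/certs:/vault/certs
"""
VAULT_HCL = """\
listener "tcp" {
  address = "0.0.0.0:8200"
  tls_cert_file = "/home/xxx/Vault-Docker/domain.crt"
  tls_key_file = "/home/xxx/Vault-Docker/domain.key"
}
"""

def container_mounts(volumes_text):
    """Container-side targets of short-syntax 'host:container[:mode]' volume entries."""
    targets = []
    for line in volumes_text.splitlines():
        m = re.match(r"\s*-\s*([^:\s]+):([^:\s]+)(?::\w+)?\s*$", line)
        if m:
            targets.append(posixpath.normpath(m.group(2)))
    return targets

def tls_paths(hcl_text):
    """Map tls_cert_file / tls_key_file to the quoted path given in the HCL text."""
    pattern = r'^\s*(tls_cert_file|tls_key_file)\s*=\s*"([^"]+)"'
    return dict(re.findall(pattern, hcl_text, re.M))

def unmounted_tls_paths(volumes_text, hcl_text):
    """TLS paths that do not fall under any container mount target."""
    mounts = container_mounts(volumes_text)
    missing = {}
    for key, path in tls_paths(hcl_text).items():
        path = posixpath.normpath(path)
        if not any(path == m or path.startswith(m + "/") for m in mounts):
            missing[key] = path
    return missing

if __name__ == "__main__":
    for key, path in unmounted_tls_paths(COMPOSE_VOLUMES, VAULT_HCL).items():
        print(f"{key}: {path} is not under any container mount target")
```

Both paths are reported because they are host paths: inside the container, the only bind-mounted location for certificates is /vault/certs.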