I set up a vault to save some of my secrets on my IoT device. I use filesystem as the storage backend.
I’m getting Vault up on systemd. Every time the device starts, the Vault server is running. I also wrote a bash script to automate operations. With this script unlock the lock, run the secret engine (KV v1) and get Vault ready. I also added this script to systemd to runafter Vault service. My structures are as follows:
ExecStart=/usr/bin/vault server -config=/etc/vault.d/vault.hcl
ExecStop=/usr/bin/vault operator step-down
Description=Vault Initialization and Seal Manager
When I run my script via the command line, I have no problems but when I run it as a service (* systemctl start vault-seal-manager.service *), I get an error on the line where I run the KV secret engine. The error is as follows:
... Code: 400. Errors: * missing client token
I couldn’t understand why. When I run the script via the command line, I do not receive this error, but why do I get it when I run it as a service? How can I fix this error?