Module: Vault::Defaults

Defined in:

lib/vault/defaults.rb

Constant Summary

VAULT_ADDRESS =

The default vault address.

Returns:

• (String)

"https://127.0.0.1:8200".freeze

VAULT_DISK_TOKEN =

The path to the vault token on disk.

Returns:

• (String)

Pathname.new("~/.vault-token").expand_path.freeze

SSL_CIPHERS =

The list of SSL ciphers to allow. You should not change this value unless you absolutely know what you are doing!

Returns:

• (String)

"TLSv1.2:!aNULL:!eNULL".freeze

Class Method Summary

• .address ⇒ String

  The address to communicate with Vault.

• .open_timeout ⇒ String^?

  The number of seconds to wait when trying to open a connection before timing out.

• .options ⇒ Hash

  The list of calculated options for this configurable.

• .proxy_address ⇒ String^?

  The HTTP Proxy server address as a string.

• .proxy_password ⇒ String^?

  The HTTP Proxy user password as a string.

• .proxy_port ⇒ String^?

  The HTTP Proxy server port as a string.

• .proxy_username ⇒ String^?

  The HTTP Proxy server username as a string.

• .read_timeout ⇒ String^?

  The number of seconds to wait when reading a response before timing out.

• .ssl_ca_cert ⇒ String^?

  The path to the CA cert on disk to use for certificate verification.

• .ssl_ca_path ⇒ String^?

  The path to the directory on disk holding CA certs to use for certificate verification.

• .ssl_ciphers ⇒ String

  The ciphers that will be used when communicating with vault over ssl You should only change the defaults if the ciphers are not available on your platform and you know what you are doing.

• .ssl_pem_file ⇒ String^?

  The path to a pem on disk to use with custom SSL verification.

• .ssl_pem_passphrase ⇒ String^?

  The path to a pem on disk to use with custom SSL verification.

• .ssl_timeout ⇒ String^?

  The number of seconds to wait for connecting and verifying SSL.

• .ssl_verify ⇒ true, false

  Verify SSL requests (default: true).

• .timeout ⇒ String^?

  A default meta-attribute to set all timeout values - individually set timeout values will take precedence.

• .token ⇒ String^?

  The vault token to use for authentiation.

Class Method Details

.address ⇒ String

The address to communicate with Vault.

Returns:

• (String)

# File 'lib/vault/defaults.rb', line 27

def address
  ENV["VAULT_ADDR"] || VAULT_ADDRESS
end

.open_timeout ⇒ String^?

The number of seconds to wait when trying to open a connection before timing out

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 44

def open_timeout
  ENV["VAULT_OPEN_TIMEOUT"]
end

.options ⇒ Hash

The list of calculated options for this configurable.

Returns:

• (Hash)

# File 'lib/vault/defaults.rb', line 21

def options
  Hash[*Configurable.keys.map { |key| [key, public_send(key)] }.flatten]
end

.proxy_address ⇒ String^?

The HTTP Proxy server address as a string

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 50

def proxy_address
  ENV["VAULT_PROXY_ADDRESS"]
end

.proxy_password ⇒ String^?

The HTTP Proxy user password as a string

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 62

def proxy_password
  ENV["VAULT_PROXY_PASSWORD"]
end

.proxy_port ⇒ String^?

The HTTP Proxy server port as a string

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 68

def proxy_port
  ENV["VAULT_PROXY_PORT"]
end

.proxy_username ⇒ String^?

The HTTP Proxy server username as a string

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 56

def proxy_username
  ENV["VAULT_PROXY_USERNAME"]
end

.read_timeout ⇒ String^?

The number of seconds to wait when reading a response before timing out

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 74

def read_timeout
  ENV["VAULT_READ_TIMEOUT"]
end

.ssl_ca_cert ⇒ String^?

The path to the CA cert on disk to use for certificate verification

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 100

def ssl_ca_cert
  ENV["VAULT_CACERT"]
end

.ssl_ca_path ⇒ String^?

The path to the directory on disk holding CA certs to use for certificate verification

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 107

def ssl_ca_path
  ENV["VAULT_CAPATH"]
end

.ssl_ciphers ⇒ String

The ciphers that will be used when communicating with vault over ssl You should only change the defaults if the ciphers are not available on your platform and you know what you are doing

Returns:

• (String)

# File 'lib/vault/defaults.rb', line 82

def ssl_ciphers
  ENV["VAULT_SSL_CIPHERS"] || SSL_CIPHERS
end

.ssl_pem_file ⇒ String^?

The path to a pem on disk to use with custom SSL verification

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 88

def ssl_pem_file
  ENV["VAULT_SSL_CERT"]
end

.ssl_pem_passphrase ⇒ String^?

The path to a pem on disk to use with custom SSL verification

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 94

def ssl_pem_passphrase
  ENV["VAULT_SSL_CERT_PASSPHRASE"]
end

.ssl_timeout ⇒ String^?

The number of seconds to wait for connecting and verifying SSL

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 123

def ssl_timeout
  ENV["VAULT_SSL_TIMEOUT"]
end

.ssl_verify ⇒ true, false

Verify SSL requests (default: true)

Returns:

• (true, false)

# File 'lib/vault/defaults.rb', line 113

def ssl_verify
  if ENV["VAULT_SSL_VERIFY"].nil?
    true
  else
    %w[t y].include?(ENV["VAULT_SSL_VERIFY"].downcase[0])
  end
end

.timeout ⇒ String^?

A default meta-attribute to set all timeout values - individually set timeout values will take precedence

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 130

def timeout
  ENV["VAULT_TIMEOUT"]
end

.token ⇒ String^?

The vault token to use for authentiation.

Returns:

• (String, nil)

# File 'lib/vault/defaults.rb', line 33

def token
  if VAULT_DISK_TOKEN.exist? && VAULT_DISK_TOKEN.readable?
    VAULT_DISK_TOKEN.read
  else
    ENV["VAULT_TOKEN"]
  end
end