Currently, api.nasqueron.org in production has those values,
but they're not committed in rOPS.
Add upstream
upstream vault {
server 172.27.27.7:8200;
# 2 servers should be added for HA, with a quorum for a Raft consensus
}Add to api.nasqueron.org
location /infra/security/pki/root/crl {
proxy_pass https://vault/v1/pki_root/crl;
include includes/proxy;
}
location /infra/security/pki/vault/crl {
proxy_pass https://vault/v1/pki_vault/crl;
include includes/proxy;
}
location /infra/security/pki/root/ca {
proxy_pass https://vault/v1/pki_root/ca;
include includes/proxy;
}
location /infra/security/pki/vault/ca {
proxy_pass https://vault/v1/pki_vault/ca;
include includes/proxy;
}