Page MenuHomeDevCentral

Publish Vault certificate information
Open, Needs TriagePublic

Description

Currently, api.nasqueron.org in production has those values,
but they're not committed in rOPS.

Add upstream
upstream vault {
    server 172.27.27.7:8200;
    # 2 servers should be added for HA, with a quorum for a Raft consensus
}
Add to api.nasqueron.org
location /infra/security/pki/root/crl {
    proxy_pass https://vault/v1/pki_root/crl;
    include includes/proxy;
}

location /infra/security/pki/vault/crl {
    proxy_pass https://vault/v1/pki_vault/crl;
    include includes/proxy;
}

location /infra/security/pki/root/ca {
    proxy_pass https://vault/v1/pki_root/ca;
    include includes/proxy;
}

location /infra/security/pki/vault/ca {
    proxy_pass https://vault/v1/pki_vault/ca;
    include includes/proxy;
}