forked from ansible-community/ansible-vault
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvault_service_debian_init.j2
127 lines (116 loc) · 3.37 KB
/
vault_service_debian_init.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
#!/bin/sh
# {{ ansible_managed }}
#
### BEGIN INIT INFO
# Provides: vault
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Vault secret management tool
# Description: Vault secret management tool
### END INIT INFO
PATH="{{ vault_bin_path }}:/usr/sbin:/usr/bin:/sbin:/bin"
DESC="Vault secret management tool"
NAME=vault
DAEMON="{{ vault_bin_path }}/$NAME"
PIDFILE=/var/run/$NAME/$NAME.pid
DAEMON_ARGS="server -config={{ vault_config_path if vault_use_config_path else vault_main_config }} -log-level={{ vault_log_level | lower }} {{ vault_exec_output }}"
USER={{ vault_user }}
SCRIPTNAME=/etc/init.d/$NAME
[ -x "$DAEMON" ] || exit 0
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
[ -f /etc/default/rcS ] && . /etc/default/rcS
. /lib/lsb/init-functions
mkrundir() {
[ ! -d /var/run/vault ] && mkdir -p /var/run/vault
chown $USER /var/run/vault
}
do_start() {
{% if vault_http_proxy -%}
export HTTP_PROXY={{ vault_http_proxy }}
{% endif -%}
{% if vault_https_proxy -%}
export HTTPS_PROXY={{ vault_https_proxy }}
{% endif -%}
{% if vault_no_proxy -%}
export NO_PROXY={{ vault_no_proxy }}
{% endif -%}
mkrundir
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --chuid $USER --background --make-pidfile --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --chuid $USER --background --make-pidfile --background \
--startas /bin/bash -- -c "exec $DAEMON $DAEMON_ARGS" \
|| return 2
RETVAL=0
for i in `seq 1 30`; do
if ! start-stop-daemon --quiet --stop --test --pidfile $PIDFILE --exec $DAEMON --user $USER; then
RETVAL=2
sleep 1
continue
fi
done
return "$RETVAL"
}
do_stop() {
if ("${DAEMON}" info 2>/dev/null | grep -q 'server = false' 2>/dev/null) ; then
"$DAEMON" leave
fi
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
rm -f $PIDFILE
return "$RETVAL"
}
do_reload() {
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0
;;
1) log_end_msg 1
;;
*) log_end_msg 1
;;
esac
;;
*)
log_end_msg 1
;;
esac
;;
status)
status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
: