From 381f92323a4399fd122aae4bafa982e63dfff30e Mon Sep 17 00:00:00 2001
From: Kyle Penfound <kpenfound11@gmail.com>
Date: Thu, 4 Nov 2021 13:19:33 -0400
Subject: [PATCH] Add missing vault service file for linux package (#13049)

---
 .release/linux/package/etc/vault.d/vault.env  |  0
 .../usr/lib/systemd/system/vault.service      | 33 +++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 .release/linux/package/etc/vault.d/vault.env
 create mode 100644 .release/linux/package/usr/lib/systemd/system/vault.service

diff --git a/.release/linux/package/etc/vault.d/vault.env b/.release/linux/package/etc/vault.d/vault.env
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/.release/linux/package/usr/lib/systemd/system/vault.service b/.release/linux/package/usr/lib/systemd/system/vault.service
new file mode 100644
index 000000000000..a91aba8cde37
--- /dev/null
+++ b/.release/linux/package/usr/lib/systemd/system/vault.service
@@ -0,0 +1,33 @@
+[Unit]
+Description="HashiCorp Vault - A tool for managing secrets"
+Documentation=https://www.vaultproject.io/docs/
+Requires=network-online.target
+After=network-online.target
+ConditionFileNotEmpty=/etc/vault.d/vault.hcl
+StartLimitIntervalSec=60
+StartLimitBurst=3
+
+[Service]
+EnvironmentFile=/etc/vault.d/vault.env
+User=vault
+Group=vault
+ProtectSystem=full
+ProtectHome=read-only
+PrivateTmp=yes
+PrivateDevices=yes
+SecureBits=keep-caps
+AmbientCapabilities=CAP_IPC_LOCK
+CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
+NoNewPrivileges=yes
+ExecStart=/usr/bin/vault server -config=/etc/vault.d/vault.hcl
+ExecReload=/bin/kill --signal HUP $MAINPID
+KillMode=process
+KillSignal=SIGINT
+Restart=on-failure
+RestartSec=5
+TimeoutStopSec=30
+LimitNOFILE=65536
+LimitMEMLOCK=infinity
+
+[Install]
+WantedBy=multi-user.target