module Vault::Defaults
Constants
- DEFAULT_POOL_SIZE
The default size of the connection pool
- RETRIED_EXCEPTIONS
The set of exceptions that are detect and retried by default with `with_retries`
- RETRY_ATTEMPTS
The default number of attempts. @return [Fixnum]
- RETRY_BASE
The default backoff interval. @return [Fixnum]
- RETRY_MAX_WAIT
The maximum amount of time for a single exponential backoff to sleep.
- SSL_CIPHERS
The list of SSL ciphers to allow. You should not change this value unless you absolutely know what you are doing! @return [String]
- VAULT_ADDRESS
The default vault address. @return [String]
- VAULT_DISK_TOKEN
The path to the vault token on disk. @return [String]
Public Class Methods
The address to communicate with Vault
. @return [String]
# File lib/vault/defaults.rb, line 46 def address ENV["VAULT_ADDR"] || VAULT_ADDRESS end
The SNI host to use when connecting to Vault
via TLS. @return [String, nil]
# File lib/vault/defaults.rb, line 73 def hostname ENV["VAULT_TLS_SERVER_NAME"] end
The number of seconds to wait when trying to open a connection before timing out @return [String, nil]
# File lib/vault/defaults.rb, line 80 def open_timeout ENV["VAULT_OPEN_TIMEOUT"] end
The list of calculated options for this configurable. @return [Hash]
# File lib/vault/defaults.rb, line 40 def options Hash[*Configurable.keys.map { |key| [key, public_send(key)] }.flatten] end
The size of the connection pool to communicate with Vault
@return Integer
# File lib/vault/defaults.rb, line 86 def pool_size if var = ENV["VAULT_POOL_SIZE"] return var.to_i else DEFAULT_POOL_SIZE end end
The HTTP Proxy server address as a string @return [String, nil]
# File lib/vault/defaults.rb, line 96 def proxy_address ENV["VAULT_PROXY_ADDRESS"] end
The HTTP Proxy user password as a string @return [String, nil]
# File lib/vault/defaults.rb, line 108 def proxy_password ENV["VAULT_PROXY_PASSWORD"] end
The HTTP Proxy server port as a string @return [String, nil]
# File lib/vault/defaults.rb, line 114 def proxy_port ENV["VAULT_PROXY_PORT"] end
The HTTP Proxy server username as a string @return [String, nil]
# File lib/vault/defaults.rb, line 102 def proxy_username ENV["VAULT_PROXY_USERNAME"] end
The number of seconds to wait when reading a response before timing out @return [String, nil]
# File lib/vault/defaults.rb, line 120 def read_timeout ENV["VAULT_READ_TIMEOUT"] end
The path to the CA cert on disk to use for certificate verification @return [String, nil]
# File lib/vault/defaults.rb, line 158 def ssl_ca_cert ENV["VAULT_CACERT"] end
The path to the directory on disk holding CA certs to use for certificate verification @return [String, nil]
# File lib/vault/defaults.rb, line 171 def ssl_ca_path ENV["VAULT_CAPATH"] end
The CA cert store to use for certificate verification @return [OpenSSL::X509::Store, nil]
# File lib/vault/defaults.rb, line 164 def ssl_cert_store nil end
The ciphers that will be used when communicating with vault over ssl You should only change the defaults if the ciphers are not available on your platform and you know what you are doing @return [String]
# File lib/vault/defaults.rb, line 128 def ssl_ciphers ENV["VAULT_SSL_CIPHERS"] || SSL_CIPHERS end
The raw contents (as a string) for the pem file. To specify the path to the pem file, use {#ssl_pem_file} instead. This value is preferred over the value for {#ssl_pem_file}, if set. @return [String, nil]
# File lib/vault/defaults.rb, line 136 def ssl_pem_contents if ENV["VAULT_SSL_PEM_CONTENTS_BASE64"] Base64.decode64(ENV["VAULT_SSL_PEM_CONTENTS_BASE64"]) else ENV["VAULT_SSL_PEM_CONTENTS"] end end
The path to a pem on disk to use with custom SSL verification @return [String, nil]
# File lib/vault/defaults.rb, line 146 def ssl_pem_file ENV["VAULT_SSL_CERT"] || ENV["VAULT_SSL_PEM_FILE"] end
Passphrase to the pem file on disk to use with custom SSL verification @return [String, nil]
# File lib/vault/defaults.rb, line 152 def ssl_pem_passphrase ENV["VAULT_SSL_CERT_PASSPHRASE"] end
The number of seconds to wait for connecting and verifying SSL @return [String, nil]
# File lib/vault/defaults.rb, line 192 def ssl_timeout ENV["VAULT_SSL_TIMEOUT"] end
Verify SSL requests (default: true) @return [true, false]
# File lib/vault/defaults.rb, line 177 def ssl_verify # Vault CLI uses this envvar, so accept it by precedence if !ENV["VAULT_SKIP_VERIFY"].nil? return false end if ENV["VAULT_SSL_VERIFY"].nil? true else %w[t y].include?(ENV["VAULT_SSL_VERIFY"].downcase[0]) end end
A default meta-attribute to set all timeout values - individually set timeout values will take precedence @return [String, nil]
# File lib/vault/defaults.rb, line 199 def timeout ENV["VAULT_TIMEOUT"] end
The vault token to use for authentiation. @return [String, nil]
# File lib/vault/defaults.rb, line 52 def token if !ENV["VAULT_TOKEN"].nil? return ENV["VAULT_TOKEN"] end if VAULT_DISK_TOKEN.exist? && VAULT_DISK_TOKEN.readable? return VAULT_DISK_TOKEN.read.chomp end nil end