luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
3985 commits 1 branch 0 tags 214 MiB
Commit graph

812 commits

Author SHA1 Message Date
Sean Chittenden 3228d25c65 Add a small bit of wording re: disable_registration 
Consul service registration for Vault requires Consul 0.6.4.
 2016-04-25 18:01:13 -07:00
Sean Chittenden dd3219ec56 Provide documentation and example output 2016-04-25 18:01:13 -07:00
Sean Chittenden 60006f550f Various refactoring to clean up code organization 
Brought to you by: Dept of 2nd thoughts before pushing enter on `git push`
 2016-04-25 18:01:13 -07:00
Sean Chittenden 0c23acb818 Comment nits 2016-04-25 18:00:54 -07:00
Jeff Mitchell c12dcba9bc Merge pull request #1266 from sepiroth887/azure_backend 
added Azure Blobstore backend support
 2016-04-25 15:53:09 -04:00
Jeff Mitchell 0f0a6ae368 Merge pull request #1282 from rileytg/patch-1 
change github example team to admins
 2016-04-25 15:45:01 -04:00
Seth Vargo da1735e396
Do not allow referrer to modify the parent 
http://mathiasbynens.github.io/rel-noopener/
 2016-04-22 23:41:09 -04:00
Sean Chittenden f6bec6e017 Wordsmith the docs around the list command. 
Prompted by: feedback from conference attendees at PGConf '16
 2016-04-20 18:13:58 -04:00
Jeff Mitchell 4e53f4b1a4 Use UseNumber() on json.Decoder to have numbers be json.Number objects 
instead of float64. This fixes some display bugs.
 2016-04-20 18:38:20 +00:00
Jeff Mitchell ee8dd1ab6a Add vault-php-sdk to libraries page 2016-04-20 13:59:39 +00:00
Jeff Mitchell d7ba52f86b Backtick "region" in S3 config 2016-04-15 17:03:35 -04:00
vishalnayak 5c336297ad Provide clarity for output statements of idempotent calls. 2016-04-14 15:46:45 +00:00
vishalnayak b7178846c1 Clarify token-revoke operation 2016-04-14 15:34:01 +00:00
Seth Vargo 54c414abb2
Clarify delete operation 
One thing that has been a point of confusion for users is Vault's
response when deleting a key that does not actually exist in the system.
For example, consider:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo'

This message is misleading if the secret does not exist, especially if
the same command is run twice in a row.

Obviously the reason for this is clear - returning an error if a secret
does not exist would reveal the existence of a secret (the same reason
everything on S3 is a 403 or why GitHub repos 404 instead of 403 if you
do not have permission to view them).

I think we can make the UX a little bit better by adding just a few
words to the output:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo' if it existed

This makes it clear that the operation was only performed if the secret
existed, but it does not reveal any more information.
 2016-04-14 10:38:10 +01:00
Jeff Mitchell b90286996f Update cert website docs 2016-04-13 16:28:23 +00:00
Seth Vargo 2e13b1c033 Not strictly required 2016-04-12 21:55:04 +01:00
Seth Vargo 2926be9ca7 Add a page for step-by-step gpg/keybase 2016-04-12 21:44:07 +01:00
Simon Dick 66f84077d3 Should be renew not revoke 2016-04-12 14:04:26 +01:00
Adam Kunicki 7fb48fd2c8 Add unofficial client library written in Kotlin 
I've been working on a Vault client written in Kotlin. Still a work in progress but will soon be on-par with the official Ruby client.
 2016-04-11 09:37:42 -07:00
Christopher "Chief" Najewicz 67e8328a76 Update github doc with note about slugifying team 2016-04-10 11:11:40 -04:00
Kevin Pike 0bea2498a8 Remove example parameters 2016-04-08 09:49:10 -07:00
Kevin Pike a86e5e3cd9 Support verify_connection flag 2016-04-08 09:44:15 -07:00
Kevin Pike fc61a7695b Fix RabbitMQ documentation 
PostgreSQL -> RabbitMQ
 2016-04-08 09:30:20 -07:00
Kevin Pike 23492e9572 Fix RabbitMQ URLs 2016-04-08 09:29:00 -07:00
Kevin Pike 525b82544c Update docs layout with RabbitMQ 2016-04-08 09:26:16 -07:00
Kevin Pike e3db8c999e Merge branch 'master' of github.com:doubledutch/vault 2016-04-08 09:25:28 -07:00
Sean Chittenden 09ad6317ea Merge pull request #1297 from hashicorp/f-bsd-mlock 
F bsd mlock
 2016-04-06 13:57:34 -07:00
Jeff Mitchell 0f923d8da5 Merge pull request #1301 from gliptak/patch-3 
Update vault read output
 2016-04-06 11:26:55 -04:00
Gábor Lipták fa08142921 Update token-create/auth output 2016-04-06 11:14:27 -04:00
Gábor Lipták b2f4d95c27 Update toke-create output 2016-04-06 10:24:19 -04:00
Gábor Lipták f0d3f49601 Update vault read output 2016-04-06 09:13:39 -04:00
Sean Chittenden b08b57aba9 Clarify that Darwin and BSD are supported w/ mlock 
Word smith a tad.
 2016-04-05 22:18:44 -07:00
vishalnayak e3a1ee92b5 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell ebfc8c3fb1 Merge pull request #1293 from gliptak/patch-2 
Correct typo in base64 parameters
 2016-04-05 09:38:00 -04:00
Gábor Lipták ce2dd5d869 Correct typo in base64 parameters 2016-04-05 09:20:43 -04:00
Gábor Lipták a8edba907f Update transit read key output 2016-04-05 09:16:47 -04:00
Jeff Mitchell d72e462686 Merge pull request #1290 from steve-jansen/patch-2 
Adds note on GH-1102 fix to secret/aws doc
 2016-04-05 08:37:39 -04:00
Steve Jansen d2b3d924ca Adds note on GH-1102 fix to secret/aws doc 
Add note related to #1102, which leads to a non-obvious AWS error message on 0.5.0 or earlier.
 2016-04-04 21:30:41 -04:00
Steve Jansen 89c7f312e4 Fix typo in iam permission for STS 2016-04-04 21:20:26 -04:00
Riley Guerin 5620e00f9c fix typo 2016-04-01 07:49:25 -07:00
Riley Guerin 0fac5b906e change github example team to admins 
somewhat recently github has gone away from the previous model of an "owners" team 
https://help.github.com/articles/converting-your-previous-owners-team-to-the-improved-organization-permissions/

you can be an "Owner" of the org still but this does not map to vault as one *might* expect given these docs
 2016-04-01 07:48:54 -07:00
Jeff Mitchell 18c8b6eba8 Update 0.6 upgrade info 2016-04-01 10:11:32 -04:00
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 2efaf5272c Documentation update 2016-03-31 18:07:43 -04:00
Gérard de Vos eadf2faf83 Update index.html.md 
According to the source it is expecting a description. log_raw is one of the options.
 2016-03-31 14:19:03 +02:00
Gérard de Vos 13763203b6 Update index.html.md 
description -> log_raw
 2016-03-31 14:06:19 +02:00
Tobias Haag 175e3cc354 added Azure backend support 
updated Godeps
added website docs
updated vendor
 2016-03-30 19:49:38 -07:00
Jang-Soo "Bruce" Lee 36d22a0c8d Update consul.html.md 2016-03-30 09:57:14 -04:00
Vishal Nayak 9932efea08 Merge pull request #1268 from hashicorp/fix-audit-doc 
Fix audit docs
 2016-03-30 00:55:39 -04:00
vishalnayak 7a34cea28d Fix audit docs 2016-03-30 00:54:40 -04:00
Vishal Nayak 05b4c7102f Revert "Change mysql connection to match new" 2016-03-23 15:18:09 -04:00
Chris Mague e27bcaf9a4 Change mysql connection to match new 
Documentation update to reflect mysql config connection from the old to the newer format
 2016-03-23 12:09:06 -07:00
Amit Khare 218a713293 Update userpass.html.md 2016-03-23 10:47:28 -04:00
Christian Winther ec0af1c71d Update sys-step-down.html.md 2016-03-20 18:02:32 +01:00
Cem Ezberci 7ad97279d5 Fix a typo 2016-03-19 21:24:17 -07:00
Jeff Mitchell 5edad1137a Add some clarification to advertise_addr 2016-03-19 10:21:51 -04:00
Jeff Mitchell b4a4f211da Some generic docs updates 2016-03-18 09:57:21 -04:00
Jeff Mitchell 4211ed2845 Add exclude_cn_from_sans to PKI docs 2016-03-17 16:58:06 -04:00
Jeff Mitchell a92fc7988e Put old releases text back 2016-03-16 16:17:56 -04:00
Jeff Mitchell 786bce24b1 Remove us building Solaris binaries for the moment, as they don't build successfully 2016-03-16 15:47:55 -04:00
Vishal Nayak 2c0c901eac Merge pull request #1216 from hashicorp/userpass-update 
Userpass: Update the password and policies associated to user
 2016-03-16 14:58:28 -04:00
vishalnayak 2914ff7502 Use helper for existence check. Avoid panic by fetching default values for field data 2016-03-16 11:26:33 -04:00
vishalnayak 1513ade19a Added API documentation for userpass backend 2016-03-15 22:19:31 -04:00
Vishal Nayak 7db7b47fdd Merge pull request #1210 from hashicorp/audit-id-path 
Rename id to path and path to file_path, print audit backend paths
 2016-03-15 20:13:21 -04:00
Jeff Mitchell 747ab4b4d1 Merge pull request #1215 from hashicorp/issue-1212 
Add list support to certs in cert auth backend.
 2016-03-15 14:58:23 -04:00
Jeff Mitchell 21b2a658e2 Remove name param from docs 2016-03-15 14:58:10 -04:00
Jeff Mitchell 93c60ef707 Merge pull request #1196 from hashicorp/reload-listener-tls 
Add reload capability for Vault listener certs
 2016-03-15 14:09:34 -04:00
Jeff Mitchell 8bf935bc2b Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
vishalnayak 65c1040149 Documentation to provide optional parameters to token store API 2016-03-14 19:36:53 -04:00
vishalnayak 1dedf8d0e3 Rename 'name' as 'path' in audit API docs 2016-03-14 18:33:51 -04:00
vishalnayak 71fc07833f Rename id to path and path to file_path, print audit backend paths 2016-03-14 17:15:07 -04:00
Jeff Mitchell a798bdb822 Update app-id docs to use new endpoint 2016-03-14 16:43:02 -04:00
Jeff Mitchell 9bfd24cd69 s/hash_accessor/hmac_accessor/g 2016-03-14 14:52:29 -04:00
Jeff Mitchell 9f5cc38ff7 Merge pull request #1208 from mhurne/aws-secret-backend-docs-fix 
AWS permissions documentation fixes
 2016-03-14 14:36:33 -04:00
Jeff Mitchell 0e3764832a Add test for listener reloading, and update website docs. 2016-03-14 14:05:47 -04:00
Matt Hurne 4ee6b04405 AWS permissions documentation fixes: add missing permissions needed to attach and detach managed policies to IAM users, add missing comma, remove extraneous comma 2016-03-14 09:39:32 -04:00
vishalnayak 0602bb25f1 Remove redundant variables 2016-03-11 21:36:38 -05:00
vishalnayak 3e9bffd84f Doc update for syslog and file backends 2016-03-11 21:14:39 -05:00
Jeff Mitchell 77b90c6745 Add query parameters to /sys/health to specify return codes. 
Fixes #1199
 2016-03-11 00:41:25 -05:00
Vishal Nayak 343e6f1671 Merge pull request #998 from chrishoffman/mssql 
Sql Server (mssql) secret backend
 2016-03-10 22:30:24 -05:00
Chris Hoffman 8c3539df35 Docs updates 2016-03-10 21:15:25 -05:00
Chris Hoffman 5af33afd90 Adding verify_connection to config, docs updates, misc cleanup 2016-03-09 23:08:05 -05:00
Jeff Mitchell fa2ba47a5c Merge branch 'master' into token-roles 2016-03-09 17:23:34 -05:00
Jeff Mitchell 6df72e6efd Merge pull request #1168 from hashicorp/revoke-force 
Add forced revocation.
 2016-03-09 16:59:52 -05:00
Vishal Nayak b2ad836077 Merge pull request #1188 from hashicorp/token-accessors 
Accessor paths for lookup and revocation of tokens
 2016-03-09 15:38:21 -05:00
vishalnayak 007142262f Provide accessor to revove-accessor in the URL itself 2016-03-09 13:08:37 -05:00
Jeff Mitchell d571a1e85d Add website docs 2016-03-09 12:49:12 -05:00
AndrewBrown-JustEat c3a2238037 Minor documentation change 2016-03-09 14:50:23 +00:00
vishalnayak 926e7513d7 Added docs for /sys/capabilities-accessor 2016-03-09 09:48:32 -05:00
vishalnayak 7407c27778 Add docs for new token endpoints 2016-03-09 09:31:09 -05:00
Jeff Mitchell 123d7b71d4 Add a necessary IAM permission to the example 2016-03-08 21:29:34 -05:00
vishalnayak 3b463c2d4e use errwrap to check the type of error message, fix typos 2016-03-07 18:36:26 -05:00
Jeff Mitchell cc1f5207b3 Merge branch 'master' into token-roles 2016-03-07 10:03:54 -05:00
vishalnayak 73943546c3 Documentation for capabilities and capabilities-self APIs 2016-03-07 06:13:56 -05:00
Jeff Mitchell 3e7bca82a1 Merge pull request #1146 from hashicorp/step-down 
Provide 'sys/step-down' and 'vault step-down'
 2016-03-03 12:30:08 -05:00
Jeff Mitchell 5c55c34d6b Update cubbyhole text to be more explicit. 
Fixes #1165
 2016-03-03 10:58:58 -05:00
Chris Hoffman 0b4a8f5b94 Adding mssql secret backend 2016-03-03 09:19:17 -05:00
Jeff Mitchell 7c5f810bc0 Address first round of feedback 2016-03-01 15:30:37 -05:00
Jeff Mitchell 02362a5873 Update token documentation 2016-03-01 14:00:52 -05:00
vishalnayak fd585ecf8a removed datatype and corrected a sentense 2016-03-01 11:21:29 -05:00
vishalnayak 724823b8f7 zeroaddress documentation fix 2016-03-01 10:57:00 -05:00
Jeff Mitchell 3cc35a554b Update doc, it's now 10 seconds 2016-02-29 10:09:11 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down' 
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
 2016-02-26 19:43:55 -05:00
Jeff Mitchell 6207377f32 Update Vishal's info on the community page 2016-02-25 15:17:53 -05:00
Jeff Mitchell b61f43d34c Update documentation around VAULT_TLS_SERVER_NAME 2016-02-25 12:29:05 -05:00
Jeff Mitchell 8ca847c9b3 Be more explicit about buffer type 2016-02-24 22:05:39 -05:00
Jeff Mitchell 151eaf9ec0 Add documentation for pki/tidy 2016-02-24 21:31:29 -05:00
Jeff Mitchell 36672bbf1f Add information about the cert renewal enhancements to the upgrade guide 2016-02-24 21:24:20 -05:00
Jeff Mitchell 842f6670d1 Add upgrade information 2016-02-24 21:13:44 -05:00
vishalnayak 69bcbb28aa rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
vishalnayak cf0156e5b4 documentation for the config endpoint 2016-02-24 17:13:24 -05:00
Jack Pearkes d065425f44 website: fix hover state for annc banner 2016-02-24 11:18:10 -08:00
Jack Pearkes c3fd1f8853 Merge pull request #1119 from hashicorp/jt-enterprise-bnr 
Vault Enterprise Banner and Nav
 2016-02-24 11:03:09 -08:00
captainill a83db21a77 website: announcement banner for vault enterprise 2016-02-24 10:59:31 -08:00
Matt Hurne f4d8852259 Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation 2016-02-23 09:06:52 -05:00
vishalnayak c9899a5300 postgres: connection_url fix 2016-02-22 11:22:49 -05:00
Kevin Pike 264c9cc40e Merge branch 'master' into rabbitmq 2016-02-21 14:55:06 -08:00
Kevin Pike c755065415 Add RabbitMQ secret backend 2016-02-21 14:52:57 -08:00
vishalnayak a43bd9131b changelog++ 2016-02-19 16:52:19 -05:00
vishalnayak 38b55bd8b1 Don't deprecate value field yet 2016-02-19 16:07:06 -05:00
vishalnayak 380b662c3d mysql: provide allow_verification option to disable connection_url check 2016-02-19 16:07:05 -05:00
Jeff Mitchell fef282f078 Some website config updates 2016-02-19 15:27:02 -05:00
Jeff Mitchell 50d3b68c8d Merge pull request #1078 from eyal-lupu/master 
ZooKeeper Backend: Authnetication and Authorization support
 2016-02-19 15:13:09 -05:00
Jeff Mitchell be073f8499 Update upgrade website section with information about the 0.5.1 PKI changes 2016-02-19 14:42:59 -05:00
Jeff Mitchell 7fc4ee1ed7 Disallow 1024-bit RSA keys. 
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
 2016-02-19 14:33:02 -05:00
Jeff Mitchell 05b5ff69ed Address some feedback on ldap escaping help text 2016-02-19 13:47:26 -05:00
Jeff Mitchell c67871c36e Update LDAP documentation with a note on escaping 2016-02-19 13:16:18 -05:00
Jeff Mitchell 9f4273589f Remove root-protected references from transit docs 2016-02-18 12:45:18 -05:00
Jeff Mitchell 695a822545 Merge pull request #1075 from rajanadar/patch-14 
adding full response for intermediate/generate
 2016-02-18 10:16:53 -05:00
Jeff Mitchell c431c2204d Merge pull request #1074 from rajanadar/patch-13 
added missing fields to read role
 2016-02-18 10:16:14 -05:00
Eyal Lupu dd2c7a6bc8 Update index.html.md 
typo in docs
 2016-02-15 16:52:43 +00:00
Eyal Lupu c04b8ab287 Update index.html.md 
Documentation: Zookeeper authentication and ACLs
 2016-02-15 16:38:14 +00:00
Eyal Lupu 35074dff51 Update index.html.md 
Zookeeper authentication and authorization documentations
 2016-02-15 16:20:32 +00:00
Raja Nadar e7d20c0ef3 adding full response for intermediate/generate 
1. adding superset of fields in response, so that folks can see all possible response fields.
2. also added the less important "warnings" field
 2016-02-14 14:42:37 -08:00
Raja Nadar 2d918196ca added missing fields to read role 
added the lease and token type field to the read role response.
 2016-02-14 13:00:42 -08:00
Raja Nadar b0d05ebcb3 fixing response fields of /pki/issue 
1. added the private_key_type field
2. changed "serial" to "serial_number"
3. added the warnings field
 2016-02-14 12:41:43 -08:00
Jeff Minard 1985fa3313 Minor spelling fix 2016-02-13 08:41:16 -08:00
techraf 812736b475 Fixes typo 2016-02-12 22:34:07 +09:00
Jeff Mitchell aaed354aca Add note about client libraries to 0.5 upgrade page 2016-02-10 12:10:51 -05:00
Jeff Mitchell 69f7aca258 Add change of exit code for status to upgrade page 2016-02-10 08:01:54 -05:00
Vishal Nayak fff201014d Merge pull request #1021 from hashicorp/vault-seal-1006 
Sealing vault in standby mode
 2016-02-03 15:22:16 -05:00
Mukhtar Haji f27e691c6c Correct a small typo 2016-02-03 20:08:33 +00:00
vishalnayak eeea9710b6 Generalized the error message and updated doc 2016-02-03 15:06:18 -05:00
merri-j 3a996e11fd Add postgresql to bullet list of backends 2016-02-03 14:04:55 -05:00
Seth Vargo 4ca9d72f3a Link to blog post on using with CM 2016-02-02 18:00:39 -05:00
Jeff Mitchell 159754acf2 Use capabilities to determine upsert-ability in transit. 2016-02-02 10:03:14 -05:00
Jeff Mitchell 5ef8839e48 Revert "Re-add upsert into transit. Defaults to off and a new endpoint /config" 
This reverts commit dc27d012c0357f93bfd5bd8d480f3e229166307a.
 2016-02-02 09:26:25 -05:00
Jeff Mitchell 6e6382d410 Some rewording based on feedback 2016-02-01 20:24:28 -05:00
Jeff Mitchell f9bced579b +list of 2016-02-01 20:17:06 -05:00
Jeff Mitchell 66494faa3f Add an install/upgrade section. Add general and 0.5 upgrade procedures. 2016-02-01 20:17:06 -05:00