Skip to content

scshitole/bigip-vault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
as3
as3
 
 
templates
templates
 
 
README.md
README.md
 
 
f5.tf
f5.tf
 
 
hashistack.tf
hashistack.tf
 
 
iam.tf
iam.tf
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
ssh.tf
ssh.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 
vpc.tf
vpc.tf
 
 

Repository files navigation

F5 BIG-IP HashiCorp Vault Integration

This repo uses HashiCorp Vault to manage SSL Certificates

What does the repo uses ?

  • Repo uses F5 BIG-IP 14.X
  • HashiCorp Vault 1.5

How to use Repo ?

  • Git Clone repo using https://github.com/scshitole/bigip-vault.git
  • This will deploy F5 BIG-IP intance & install Vault on ubuntu on AWS
  • SSH into the ubuntu server and cd/tmp
  • Configure vault and use vaul agent
export VAULT_ADDR=http://127.0.0.1:8200
export VAULT_TOKEN=root
vault write pki/roles/web-certs allowed_domains=demo.com ttl=60s max_ttl=30m allow_subdomains=true 
vault auth enable approle
vault policy write app-pol app-pol.hcl
vault write auth/approle/role/web-certs policies="app-pol"
vault read -format=json auth/approle/role/web-certs/role-id | jq -r '.data.role_id' > roleID
vault write -f -format=json auth/approle/role/web-certs/secret-id | jq -r '.data.secret_id' > secretID
vault agent -config=agent-config.hcl -log-level=debug
  • Open a new terminal and SSH into the ubuntu server again.
  • Run the command bash stuff.sh this will deploy the AS3 rpm & VIP
  • Stop the vault agent and uncomment command = "bash updt.sh" in the file agent-config.hcl
  • Run vault agent -config=agent-config.hcl -log-level=debug to update the certs automatically

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages