mdma4d/laravel-vault

Laravel HashiCorp Vault integration (secrets, database dynamic creds, encryption, hashing)

Maintainers

Details

github.com/mdma4d/laravel-vault

Source

Issues

Installs: 5

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.0 2024-09-15 17:27 UTC

Requires

MIT ab57f3250d22a7e787954f87b210898cda9c1160

  • Dmytro Rudiy <mdma4d.woop@gmail.com>

This package is auto-updated.

Last update: 2025-05-11 13:11:48 UTC

README

Installation

Add the package via composer

composer require mdma4d/laravel-vault

Usage with Laravel

Add the Service Provider

Add the following to the providers array in your application config:

Mdma4d\Vault\VaultServiceProvider::class,

Configure Hashicorp Vault

Create approle to access Hashicorp Vault.

Create KV secrets engine with laravel configuration

{
  "app": {
    "key": "base64:cYrLP5mFSK1S5P1OQwk3tA16x2Uwkzf8Wxb5azBhcdE="
  },
  "database.connections.mysql": {
    "database": "laravel",
    "host": "mysql"
  },
  "hashing": {
    "driver": "vault",
    "old": "bcrypt"
  }
}

app.key contains old app key to decrypt old cryptograms

Create transit engine for encryption and hashing

Create databases engine, connection and role to connect to mysql

Set the environment variables

VAULT_ADDR=https://vault:8200
VAULT_ROLE_ID=14c64adb-80ff-1d90-da6a-9f991a76b5e0
VAULT_SECRET_ID=a3ba16c5-aec1-965b-e5b3-360acad8b799
VAULT_CONFIG=/v1/kv/laravel
VAULT_TRANSIT_PATH=/v1/laravel
VAULT_TRANSIT_KEY=key
VAULT_DATABASE=/v1/database/creds/laravel