nohnaimer / yii2-vault-project-configuration
This extension helps you to easily store and retrieve settings for your project with Hashicorp Vault backend.
Installs: 25
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 1
Type:yii2-extension
Requires
- php: >=7.1
- lav45/yii2-settings: 1.3.*
- nohnaimer/yii2-vault-client: 0.1.*
- yiisoft/yii2: >=2.0.13
Requires (Dev)
- roave/security-advisories: dev-master
Conflicts
This package is auto-updated.
Last update: 2024-11-21 13:57:19 UTC
README
This extension helps you to easily store and retrieve settings for your project.
Installation
The preferred way to install this extension through composer.
You can set the console
~$ composer require "nohnaimer/yii2-vault-project-configuration" --prefer-dist
or add
"require": {
"nohnaimer/yii2-vault-project-configuration": "0.1.*"
}
in require section in composer.json file.
Configuration
For store php-fpm environment variables from system (macOS, Linux, Unix) need to uncomment clear_env = no string in /etc/php/php-fpm.d/www.conf
Need add environment variables:
VAULT_ADDR=https://vault.url/ VAULT_TOKEN=token VAULT_KV_PATH=/kv
docker-compose example:
... php: image: php:latest container_name: php restart: on-failure working_dir: /var/www environment: VAULT_ADDR: https://127:0:0:1:8200/ VAULT_TOKEN: hvs.hrpvk3rEpD2HaHckeb976Ppw volumes: - .:/var/www:cached depends_on: - postgres ...
And need to init key value storage in Hashicorp Vault use api or web gui with VAULT_KV_PATH string.
Using
bootstrap.php
... const PROJECT_CONFIGURATION_USE_DEFAULT = YII_ENV_DEV; ...
$db_name = config('db.name', 'site-db-name'); $db_host = config('db.host', 'localhost'); return [ 'components' => [ 'db' => [ 'class' => 'yii\db\Connection', 'dsn' => "mysql:host={$db_host};dbname={$db_name}", 'username' => config('db.username', 'root'), 'password' => config('db.password', '****'), 'enableSchemaCache' => true, 'charset' => 'utf8', ], ], ];
Where is secret /kv/db and key name, host, username, password. Delimiter - .
Management
Use yii2-setting classes to add or delete data from vault use yii2 migrations.
Use yii2 migrations
return [ 'components' => [ 'vault' => [ 'class' => nohnaimer\config\storage\VaultStorage::class, 'kv' => [ 'class' => nohnaimer\vault\services\KVv1::class, 'path' => '/kv', 'client' => [ 'class' => nohnaimer\vault\Client::class, 'url' => 'url', 'token' => 'token', ], ], ], ], ];
You can use something like this:
class m221103_161325_vault_init extends Migration { /** * {@inheritdoc} */ public function safeUp() { $vault = Yii::$app->vault; //add $vault->setValue('/my/secret/key', 'value'); //delete secret with all keys $vault->deleteValue('/my/secret/key'); } }
License
yii2-vault-project-configuration it is available under a BSD 3-Clause License. Detailed information can be found in the LICENSE.md.