#!@l_prefix@/bin/openpkg rc ## ## rc.vault-unseal -- Run-Commands ## %config vault_unseal_enable="$openpkg_rc_def" vault_unseal_flags="" vault_unseal_log_prolog="true" vault_unseal_log_epilog="true" vault_unseal_log_numfiles="10" vault_unseal_log_minsize="1M" vault_unseal_log_complevel="9" %common vault_unseal_cfgfile="@l_prefix@/etc/vault-unseal/vault-unseal.yaml" vault_unseal_pidfile="@l_prefix@/var/vault-unseal/run/vault-unseal.pid" vault_unseal_logfile="@l_prefix@/var/vault-unseal/log/vault-unseal.log" vault_unseal_signal () { [ -f $vault_unseal_pidfile ] && kill -$1 `cat $vault_unseal_pidfile` } %status -u @l_rusr@ -o vault_unseal_usable="unknown" vault_unseal_active="no" rcService vault-unseal enable yes && \ vault_unseal_signal 0 && vault_unseal_active="yes" echo "vault_unseal_enable=\"$vault_unseal_enable\"" echo "vault_unseal_usable=\"$vault_unseal_usable\"" echo "vault_unseal_active=\"$vault_unseal_active\"" %start -u @l_rusr@ rcService vault-unseal enable yes || exit 0 rcService vault-unseal active yes && exit 0 ( nohup @l_prefix@/sbin/vault-unseal \ -c $vault_unseal_cfgfile \ -l $vault_unseal_logfile \ $vault_unseal_flags \ /dev/null 2>&1 & echo $! >$vault_unseal_pidfile ) >/dev/null 2>&1 %stop -u @l_rusr@ rcService vault-unseal enable yes || exit 0 rcService vault-unseal active no && exit 0 vault_unseal_signal TERM sleep 2 rm -f $vault_unseal_pidfile >/dev/null 2>&1 || true %restart -u @l_rusr@ rcService vault-unseal enable yes || exit 0 rcService vault-unseal active no && exit 0 rc vault-unseal stop start %daily -u @l_susr@ rcService vault-unseal enable yes || exit 0 shtool rotate -f \ -n $vault_unseal_log_numfiles -s $vault_unseal_log_minsize -d \ -z $vault_unseal_log_complevel -m 664 -o @l_rusr@ -g @l_rgrp@ \ -P "$vault_unseal_log_prolog" \ -E "$vault_unseal_log_epilog; rc vault-unseal reload" \ $vault_unseal_logfile