A HashiCorp Vault UI written with VueJS and Vault native Go API
v0.6.0
is an update focused on deployment, security, and bug fixes.
The deployment has been simplified. Goldfish no longer requires a wrapping token at launch time, but will require the operator to provide one through the UI to bootstrap. Transit encryption is also now optional. See wiki for details
Memory lock (identical to vault's implementation) is on by default in this version. A couple of race conditions have been fixed as well.
ServerTransitKey
is set in config)Deployment steps have not changed from v0.5.0. However, as of v0.5.0, you may want to update your goldfish approle to periodic (see wiki deployment instructions)
Deploying goldfish is even simpler - public
folder is packed inside the binary.
You only have to deploy ONE binary! See wiki for details
public
is built into the binary with go.rice (#112)Deploying goldfish is now simpler - public
folder is packed inside the binary.
You only have to deploy ONE binary! See wiki for details
This is a release candidate. Nothing is guaranteed.
public
is built into the binary with go.rice (#112)
unzip
anymore, just run the one binary!Check the wiki for details
Major:
Config system has been changed to a file-based system. Now, launching goldfish in production requires just two parameters:
token
, which used to be vault_token
but has been renamedconfig
, which should be the path of a file that specifies everything cmd args used to specify.When launching goldfish in dev
mode, it will also start a localhost dev vault instance. This means you no longer have to spin up your own separate vault instance before developing goldfish.
Note: binaries have gotten much bigger because vault core itself is now packed in.
tls_disable
cmd arg, much like Vault's server config file. Allows goldfish to launch in production settings but without httpssecret/foo
will return policies that contain path secret/*
tls_skip_verify
option to allow for self-signed vault instancesversion
option to display version of goldfish for consistency and debugging purposesNew feature: terraform vault by requesting policies from a GitHub commit https://github.com/Caiyeon/goldfish/wiki/Features HTTP error response codes and messages revamped.