search

canonical / snap-vault

Vault is a tool for securely accessing secrets
https://snapcraft.io/vault
Other
16 stars 10 forks source link

no services #7

Closed mathieujobin closed 6 years ago

mathieujobin commented 6 years ago

Hello,

I am running Kubuntu 17.10

I could install vault 0.9.0 via simple sudo snap install vault I upgraded to v0.9.5 using sudo snap refresh vault --edge

but I cannot start the service

$ sudo snap start vault 
[sudo] password for mathieu: 
error: snap "vault" has no services
$ snap services
Snap  Service  Startup  Current
$

I also tried uninstalling and reinstalling with --dev-mode

no changes

how do we run the service?

thanks

javacruft commented 6 years ago

Well now that's kinda the trick with this snap (and I'm making assumptions about the original thinking so I may be wrong).

Automatically restarting vault on a snap refresh is generally a bad idea; vault daemons must be unsealed using 3/5 key shares for the master key to be unlocked so vault can actually operate.

If the snap actually ran the service, then vault would get automatically restarted on refresh returning in a sealed state, and hence unusable.

javacruft commented 6 years ago

Sample systemd unit as used by the vault charm:

https://github.com/openstack/charm-vault/blob/master/src/templates/vault.service.j2

mathieujobin commented 6 years ago

ok, make sense, but maybe it should at least install the service file, the system can take care for starting it.