unable to init

[jmls]

trying a simple piece of code

var Vaulted = require('vaulted');

var vault = new Vaulted();

vault
.init()
.bind(vault)
.then(vault.unSeal)
.catch(function caughtError(err) {
  console.error('Could not initialize or unseal vault.' + err.message);
  process.exit(1);
});

I get the following error:

Could not initialize or unseal vault.400 - [object Object

I have VAULT_TOKEN, VAULT_HOST and VAULT_SSL set up

if I do

curl -X GET-H "X-Vault-Token:$VAULT_TOKEN"-H 'Content-type: application/json' $VAULT_HOST:8200/v1/sys/init 

then I get

{"initialized":true}

so I would guess that the tokens and hosts are correct.

What am I doing wrong ?

[kenjones-cisco]

Is the Vault a brand new vault instance or a pre-existing one?

When print out the error, try using the following err.error as Vault places the actual error details in the attribute error.

If you can get the output from error it would help get to the root cause. If you run init more than once between sessions you will get an error once Vault shows {"initialized":true}

The latest version currently in the master branch handles this more gracefully, and new release is imminent.

[jmls]

yeah, the vault is already initialised - the error is

errors: [ 'Vault is already initialized' ] } 

so, how can I access a vault that has already been initited ?

[kenjones-cisco]

You would need to unseal it using the keys that are returned during initialization. If you don't have the keys or the master token, then you are not able to access the Vault.

The soon to be released version will create a backup of your keys so that you do not get into the state of having an initialized Vault without having the keys to unseal the vault for use.

[kenjones-cisco]

33

[chiefy]

@jmls we just published 2.0 to npm, can you re-install and try again? Let us know if you run into any other issues, thanks!

[jmls]

Thanks - will do. However, how do I connect to an existing, unsealed vault ?

[kenjones-cisco]

You need a token or other credentials to authenticate with the vault.

[jmls]

I may be old and tired, but I knew that .. ;) What I was trying to find out is how to identify with the vault. Do I need to bind(), have a VAULT_TOKEN env ? What are the methods called - do they map directly to the http api ?

thanks

[kenjones-cisco]

There is an available method: setToken that you can pass the token that will then be configured for access later.

There is new method prepare that will load the current state about the Vault.

var vault = new Vaulted();

vault.prepare().then(function (self) {
    self.setToken('token');
});

The use of the environment variable or configuration option does not currently seem to be working.

38

[jmls]

yes, this bit works now, thanks.