stacks/template/stacks/ref-implementation/openbao/values.yaml

server:
  extraContainers:
    - name: init-log-permissions
      image: busybox
      command: ["sh", "-c", "chown -R 1000:1000 /var/log && chmod -R 775 /var/log"]
      securityContext:
        runAsUser: 0
      volumeMounts:
        - mountPath: /var/log
          name: log-storage
    - name: log-sidecar
      image: alpine:latest
      command: ["/bin/sh", "-c", "
          while true; do
            echo 'Hello'
          sleep 5;
          done
        "]
      volumeMounts:
            - name: log-storage
              mountPath: /var/log/
      securityContext:
        runAsUser: 1
    
  volumes:
    - name: log-storage
      emptyDir: {}

  postStart:
    - sh
    - -c
    - |
      sleep 10
      bao operator init >> /tmp/init.txt
      cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {}
      echo $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/initial_token.txt
      echo $(grep "Unseal Key 1:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key1.txt
      echo $(grep "Unseal Key 2:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key2.txt
      echo $(grep "Unseal Key 3:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key3.txt
      echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt
      echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
      bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')
      bao audit enable file file_path=stdout
      touch /var/log/openbao.log      
      chmod 644 /var/log/openbao.log       
      chown openbao:openbao /var/log/openbao.log      
      bao audit enable file file_path=/var/log/openbao.log
      rm /tmp/init.txt
ui:
  enabled: true