Just Test secretsfs

If you simply want to test how to interact with secretsfs, you may execute the shell script vault-startup.sh. This just starts a development Vault instance on your host listening on port 8200 and populates some initial values. It also makes sure, that your root user has the correct roleid value set in his Vault access file.

mkdir /mnt/secretsfs                                # create the default mountpoint
cd $GOPATH/src/github.com/muryoutaisuu/secretsfs    # change to directory
./vault-setup.sh                                    # setup Vault, just following instructions on screen
                                                    # yes, I was too lazy to do some string parsing
. sourceit                                          # source some environment variables
./clean.sh                                          # this umounts potentially existing old mounts, build secretsfs anew and mounts it
                                                    # Type <ENTER> so you can see your prompt again
ls /mnt/secretsfs/secretsfiles                      # look at entries inside of that new secretsfs

If you also want to see templatefiles in action, additional actions are need:

mkdir -p /etc/secretsfs/templatefiles
cd $GOPATH/src/github.com/muryoutaisuu/secretsfs            # change to directory
cp examples/templatefile.conf /etc/secretsfs/templatefiles  # copy the template example to the templatefiles
ls /mnt/secretsfs/templatefiles                             # see that the newly copied file now gets listed
cat /mnt/secretsfs/templatefiles/templatefile.conf          # see that the secret is rendered upon this cat

Install secretsfs

From Source

To get started with secretsfs simply download this repository and install it:

go get github.com/muryoutaisuu/secretsfs            # get main source
cd $GOPATH/src/github.com/muryoutaisuu/secretsfs    # change to directory
go get ./...                                        # get dependencies
go install ./cmd/secretsfs                          # install secretsfs

Binary

For Linux x86_64, you may download the latest built binary from the project's release page.

Packages

There are prebuilt .rpm and .deb packages, you may download from the project's release page.

Start secretsfs

There are two possible ways to start secretsfs:

Either start it manually with secretsfs <mountpath> [-o <mountoptions>] [&]], or start it with Systemd using the predefined service in the examples folder:

cp example/secretsfs.service /usr/lib/systemd/system/secretsfs.service
systemctl start secretsfs
systemctl enable secretsfs

The Systemd definition also comes with your package installation.