node-vault

A client for the HTTP API of HashiCorp's Vault written for Node.js.

Install

npm install node-vault

Usage

Init and unseal

vault = require("node-vault")();

vault.init({ secret_shares: 1, secret_threshold: 1 }, function(err, result) {
  var keys = result.keys;
  vault.token = result.root_token;
  vault.unseal({ secret_shares: 1, key: keys[0] }, function(err, result) {
    // Done
  });
});

Write, read and delete secrets

vault.write('secret/hello', { value: 'world', lease: '1s' }, function(err, result) {
  vault.read('secret/hello', function(err, result) {
    vault.delete('secret/hello', function(err, result) {
    });
  });
});

Examples

Please have a look at the examples for a list of implemented features.

git clone git@github.com:kr1sp1n/node-vault.git
cd node-vault
npm install

Instead of installing all the dependencies like vault itself, postgres and other stuff you can use docker and docker-compose to link and run multiple docker containers with all of its dependencies.

The setup for node-vault is defined in a single file: docker-compose.yml. To run the examples you need to install the docker toolbox first.

A best practice is to add the dockerhost to /etc/hosts:

echo "$(docker-machine ip default) dockerhost" | sudo tee -a /etc/hosts

and to add the env variables of the docker machine via:

eval "$(docker-machine env default)"

This line could also be added to you local .bashrc or whatever shell you are using.

Please set the endpoint of the vault server to the dockerhost:

export VAULT_ADDR=http://dockerhost:8200

To start just run:

docker-compose up

First of all you should initialize and unseal the vault:

$(npm bin)/coffee example/init.coffee

You should see root_token: followed by a long key in the response. Please copy that long key and export it as environment variable:

export VAULT_TOKEN=<insert long key here>

Now you are able to run all of the other examples:

$(npm bin)/coffee example/policies.coffee