Demo application for utilising Hashicorp Vault for encryption.
JWT_SECRET
: a random secret value used for signing the JWT's issued by the api.JWT_EXPIRY
: how long the issued JWT's should last. e.g."30m"
for 30 minutes.JWT_ISSUER
: used to populate theiss
claim of generated JWT's. e.g.http://localhost:7777
JWT_AUDIENCE
: used to populate theaud
claim of generated JWT's. e.g.http://localhost:7777
VAULT_APP_TOKEN
: the token output from terraform after deploying the vault resources.VAULT_KEY_NAME
: name of the transit key for the application to use for encryption/decryption. this should align with the name of the transit key in the terraform configuration file main.tf
- Open the repo in VS Code
- Use the "Reopen in container" command from the Dev containers extension
- Once the container is built, run
yarn
from the project root. - Initialise the SQLite DB:
sqlite3 db/prisma/dev.db "VACUUM;"
. - Initialise prisma:
yarn generate --cwd db
. - Change directory into the
vault
folder from the terminal. - Run
terraform init
to initialise terraform. - Run
terraform plan -out tfplan
to create a terrform plan file. - Run
terraform apply tfplan
to apply the generated plan file and create the required vault resources. - Run
terraform output app_client_token
to print out the generated app token for vault. - In the API folder, copy the
.env.example
file and rename to.env.development
, populating the required environment variables with values. - Run the API in watch mode:
yarn dev --cwd api
.