From 91001c230e989220b9dfe95e02e62e0544fce98a Mon Sep 17 00:00:00 2001
From: DeveloperDurp
Date: Thu, 23 Jan 2025 05:55:55 -0600
Subject: [PATCH] update
---
 infra/vault/values.yaml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/infra/vault/values.yaml b/infra/vault/values.yaml
index ad1ff42..408c7d6 100644
--- a/infra/vault/values.yaml
+++ b/infra/vault/values.yaml
@@ -60,7 +60,7 @@ vault:
 enabled: true
 standalone:
- enabled: false
+ enabled: true
 config: |
 disable_mlock = true
@@ -68,10 +68,12 @@ vault:
 listener "tcp" {
 address = "[::]:8200"
 cluster_address = "[::]:8201"
+ tls_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
+ tls_key_file = "/vault/userconfig/vault-server-tls/vault.key"
 }
 seal "transit" {
- address = "http://192.168.20.253:8201"
+ address = "https://root-vault.internal.durp.info"
 disable_renewal = "false"
 key_name = "autounseal"
 mount_path = "transit/"
@@ -84,10 +86,10 @@ vault:
 # Run Vault in "HA" mode.
 ha:
- enabled: true
+ enabled: false
 replicas: 3
 raft:
- enabled: true
+ enabled: false
 setNodeId: true
 config: |
@@ -101,7 +103,7 @@ vault:
 }
 seal "transit" {
- address = "http://192.168.20.253:8201"
+ address = "https://192.168.20.253:8201"
 disable_renewal = "false"
 key_name = "autounseal"
 mount_path = "transit/"
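Review bot: Setting `standalone.enabled: true` here, with `ha.enabled` and `raft.enabled` set to false in the `ha:` hunk further down, trades the three-replica Raft cluster for a single Vault server, and neither the commit message ("update") nor the file says why. As far as these hunks show, nothing migrates the existing Raft data, so unless the standalone storage stanza (outside the hunk) has been seeded from a snapshot, the new pod will probably start uninitialised. I would add a comment above `standalone:` along the lines of `# single-node mode, no redundancy; the ha/raft block below is kept but inactive`.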
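Review bot: The transit `seal` in the standalone config now targets `https://root-vault.internal.durp.info`, but the visible lines of the stanza name no trust anchor, so certificate verification falls back to the container's system CA bundle. If the root Vault's certificate comes from an internal CA, set `tls_ca_cert = "<path to the root Vault CA file>"` rather than falling back to `tls_skip_verify`. The stanza continues past the end of the hunk, so check that it does not already set either option. Because the listener now has `tls_cert_file` and `tls_key_file`, the chart-level TLS switch (`global.tlsDisable` in the upstream Vault chart) presumably also has to be false so that probes and `VAULT_ADDR` use https.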
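Review bot: The HA copy of the transit seal still reaches the root Vault by IP and port (`https://192.168.20.253:8201`), while the standalone copy was moved to `https://root-vault.internal.durp.info`. Over TLS an IP literal only verifies if the certificate carries that address as an IP SAN, and 8201 is the port this same file assigns to `cluster_address` rather than to the API listener, so the endpoint is worth confirming. To stop the two blocks drifting apart before HA is re-enabled, I would use the same value in both: `address = "https://root-vault.internal.durp.info"`. The seal stanza continues below the hunk.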
@@ -111,19 +113,19 @@ vault:
 storage "raft" {
 path = "/vault/data"
 retry_join {
- leader_api_addr = "http://vault-0.vault-internal:8200"
+ leader_api_addr = "https://vault-0.vault-internal:8200"
 leader_ca_cert_file = "/vault/userconfig/vault-server-tls/vault.ca"
 leader_client_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
 leader_client_key_file = "/vault/userconfig/vault-server-tls/vault.key"
 }
 retry_join {
- leader_api_addr = "http://vault-1.vault-internal:8200"
+ leader_api_addr = "https://vault-1.vault-internal:8200"
 leader_ca_cert_file = "/vault/userconfig/vault-server-tls/vault.ca"
 leader_client_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
 leader_client_key_file = "/vault/userconfig/vault-server-tls/vault.key"
 }
 retry_join {
- leader_api_addr = "http://vault-2.vault-internal:8200"
+ leader_api_addr = "https://vault-2.vault-internal:8200"
 leader_ca_cert_file = "/vault/userconfig/vault-server-tls/vault.ca"
 leader_client_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
 leader_client_key_file = "/vault/userconfig/vault-server-tls/vault.key"
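Review bot: The three `leader_api_addr` values now require every peer to serve TLS on 8200, but no visible hunk adds `tls_cert_file` and `tls_key_file` to the listener in the HA `config` block the way the standalone listener received them. If that listener (outside the hunks) is still plaintext, `retry_join` will fail as soon as HA is switched back on. The certificate at `vault.crt` also has to list `vault-0.vault-internal`, `vault-1.vault-internal` and `vault-2.vault-internal` as SANs, or each block needs `leader_tls_servername` set to a name the certificate does contain. The `storage "raft"` stanza closes outside the hunk.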