From e30439f0395a1ca537f5e1f4b0fafd4bf9c8646b Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Wed, 1 Nov 2023 18:13:17 +0100
Subject: [PATCH] improve varaible

---
 Dockerfile      |  2 ++
 Readme.md       | 10 ++++++++++
 vault-backup.sh |  3 ---
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a21c056..674a6c7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,6 @@
 FROM vault:1.13.3
+ENV VAULT_ADDR="http://active.vault.service.consul:8200"
+ENV RETENTION=30
 COPY vault-backup.sh /
 CMD ./vault-backup.sh
 VOLUME /backup
diff --git a/Readme.md b/Readme.md
index d33e4d1..d27ca19 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,11 +1,21 @@
 # docker-vault-backup
 
 perform a backup of vault raft base
+need an vautl approle authentification with following policie
+
+```terraform
+  rule {
+      path = "sys/storage/raft/snapshot"
+      capabilities = ["read"]
+  }
+```
 
 ## ENV variable
 
 - VAULT_APPROLEID
 - VAULT_SECRETID
+- RETENTION
+- VAULT_ADDR
 
 ## mount
 
diff --git a/vault-backup.sh b/vault-backup.sh
index 7544423..0f5791f 100755
--- a/vault-backup.sh
+++ b/vault-backup.sh
@@ -2,9 +2,6 @@
 export PATH_SNAPSHOT="/backup"
 export PATH_DIR="daily"
 export PATH_BACKUP=$PATH_SNAPSHOT"/"$PATH_DIR
-export VAULT_ADDR="http://active.vault.service.consul:8200"
-export RETENTION=30
-export ENV="0"    # (0 = staging, 1 = production)
 export SNAPSHOT_FILE=$(date +%Y-%m-%d)