experiment with vault configuration

hashicorp-vault/values.yaml

@@ -1,4 +1,55 @@
-vault: &vault_config {}
+vault: &vault_config
+  
+  global:
+    enabled: false
+  
+  server:
+    enabled: true
+    logLevel: debug
+  
+    ingress:
+      enabled: true
+      annotations:
+        traefik.ingress.kubernetes.io/router.entrypoints: websecure
+        traefik.ingress.kubernetes.io/router.tls: "true"
+        traefik.ingress.kubernetes.io/router.tls.certresolver: letsencrypt
+        traefik.ingress.kubernetes.io/router.tls.domains.0.main: arcodange.duckdns.org
+        traefik.ingress.kubernetes.io/router.tls.domains.0.sans: vault.arcodange.duckdns.org
+        traefik.ingress.kubernetes.io/router.middlewares: localIp@file
+      hosts:
+        - host: vault.arcodange.duckdns.org
+          paths: []
+
+  postStart: [] # https://github.com/hashicorp/vault-helm/blob/main/values.yaml
+
+  standalone:
+    enabled: true
+    config: |-
+      ui = true
+
+      listener "tcp" {
+        tls_disable = 1
+        address = "[::]:8200"
+        cluster_address = "[::]:8201"
+        # Enable unauthenticated metrics access (necessary for Prometheus Operator)
+        #telemetry {
+        #  unauthenticated_metrics_access = "true"
+        #}
+      }
+      storage "file" {
+        path = "/vault/data"
+      }
+
+      # Example configuration for enabling Prometheus metrics in your config.
+      #telemetry {
+      #  prometheus_retention_time = "30s"
+      #  disable_hostname = true
+      #}
+  
+  ui:
+    enabled: true
+    annotations: {}
+
 
 tool:
   # kind: 'SubChart' or 'HelmChart', if subchart then uncomment Chart.yaml dependency, else comment and use tool library with helm chart template