ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Increase openbao JWT wait timeout from 180s to 240s

Browse source
This commit is contained in:
RingOfStorms (Joshua Bell) 2026-01-05 00:52:23 -06:00
parent 6dea74a2a8
commit d686c589f8
1 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
flakes/secrets-bao/nixos-module.nix
View file

@ -383,12 +383,13 @@ in
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "30s"; RestartSec = "30s";
TimeoutStartSec = "5min";
UMask = "0077"; UMask = "0077";
ExecStartPre = pkgs.writeShellScript "openbao-wait-jwt" '' ExecStartPre = pkgs.writeShellScript "openbao-wait-jwt" ''
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
for i in {1..180}; do for i in {1..240}; do
if [ -s "${cfg.zitadelJwtPath}" ]; then if [ -s "${cfg.zitadelJwtPath}" ]; then
jwt="$(cat "${cfg.zitadelJwtPath}")" jwt="$(cat "${cfg.zitadelJwtPath}")"
# very cheap sanity check: JWT has at least 2 dots # very cheap sanity check: JWT has at least 2 dots
@ -396,6 +397,11 @@ in
exit 0 exit 0
fi fi
fi fi
if [ $((i % 30)) -eq 0 ]; then
echo "vault-agent: waiting for ${cfg.zitadelJwtPath} (t=${"$"}i s)" >&2
fi
sleep 1 sleep 1
done done