
Vault

4 Topics 117 Posts
  • Vault - Package Updates

    Pinned Locked
    99
    0 Votes
    99 Posts
    57k Views
    Package Updates
    [1.83.3] Update vault to 2.0.2 (Full Changelog)
    containers: Remove cap_ipc_lock capability on vault at build time to allow running Vault in common container runtimes. Vault in containers will no longer be able to call mlock() to lock memory. Operators should set disable_mlock = true in Vault's configuration. Runtime operators are advised to disable swapping to guarantee data safety.
    secrets/ssh: RSA key sizes are now limited to a maximum size of 8192 bits addressing CVE-2026-39829
    plugins: Fix plugin signature verification failure with expired pgp key when registering a plugin.
    ui/transit: Fix key version dropdown selected state when editing a transit key.
  • Vault - OIDC Support

    5
    0 Votes
    5 Posts
    2k Views
    C
    @joseph I agree. I looked at some of the implementation requirements and it takes effort. With each Cloudron app update and server reboot, it requires a process to "turn on" the server. That involves presenting several keys to unlock the server. For large companies with dev ops resources, this is doable. But for smaller companies, it is too much effort with a huge risk of bringing down applications if you miss a secrets server reboot.
  • Vaultwarden vs Vault

    8
    1 Votes
    8 Posts
    8k Views
    marcusquinn
    @scooke Think of Vault as kinda like Bitwarden but for code to look up with. Unless you're coding access to things, I don't think you'd need it.
  • Vault process running out of memory--plenty of memory available.

    Moved oom
    5
    0 Votes
    5 Posts
    3k Views
    girish
    @mastadamus I will bump up the memory limit for vault. https://learn.hashicorp.com/tutorials/vault/reference-architecture says 4-8GB is recommended. Currently, the cloudron package runs at 256MB! Also, as you guessed, it's only the vault container that is dying and the server is not affected (I guess that's one of the main benefits of running in containers, a single app cannot bring down a system).