openbao 1.0.2

name: openbao-rust-crate

networks:
  openbao_internal:
    internal: true

volumes:
  openbao_data:

services:
  openbao:
    image: docker.io/openbao/openbao:2.5.4@sha256:436eaf9778cad75507ff70ea26ace30dcbe15606e619ac3823495663d7f7c115
    container_name: openbao_rust_crate_dev
    command: ["server", "-config=/openbao/config/openbao.hcl"]
    user: "100:0"
    environment:
      BAO_CACERT: /openbao/tls/dev-ca.crt
    volumes:
      - openbao_data:/openbao/data
      - ./openbao.hcl:/openbao/config/openbao.hcl:ro,Z
      - ./dev-state/tls:/openbao/tls:ro,z
    ports:
      - "127.0.0.1:9940:8200"
      - "127.0.0.1:9941:8201"
    healthcheck:
      test: ["CMD", "bao", "status", "-address=https://127.0.0.1:8200", "-ca-cert=/openbao/tls/dev-ca.crt"]
      interval: 10s
      timeout: 5s
      retries: 12
      start_period: 10s
    security_opt:
      - no-new-privileges
    networks:
      - openbao_internal
    restart: unless-stopped