lucasberto/laravel-vault
Composer 安装命令:
composer require lucasberto/laravel-vault
包简介
An easy Laravel integration for HashiCorp Vault
README 文档
README
A package for simple and easy Laravel and HashiCorp Vault integration.
Features
- Simple integration with HashiCorp Vault
- Support for multiple Vault servers
- Clean facade-based API
Supported Secret Engines (will add more in the future):
- KV Secrets Engine v1
- KV Secrets Engine v2
Requirements
- PHP 8.1 or higher
- Laravel 9, 10, or 11
- HashiCorp Vault 1.12 or higher
Installation
You can install the package via composer:
composer require lucasberto/laravel-vault
Configuration
After installing the package, you need to publish the configuration file:
php artisan vendor:publish --tag=vault-config
This will create a config/vault.php file in your project.
Also, you need to add the following lines to your .env file:
# Required configs VAULT_ADDR=http://127.0.0.1:8200 VAULT_TOKEN=your-token-here # Optional configs VAULT_TIMEOUT=10 # Default: 30 VAULT_KV_ROOT=kv-v2 # Default: secret
If you want to use multiple Vault servers, you can add more addresses and tokens to the .env file:
VAULT_SECONDARY_ADDR=http://vault2.example.com:8200 VAULT_SECONDARY_TOKEN=another-token # Optional configs VAULT_SECONDARY_TIMEOUT=20 # Default: 30 VAULT_SECONDARY_KV_ROOT=kv-v2 # Default: secret
And update the config/vault.php file accordingly.
'servers' => [ 'main' => [ 'address' => env('VAULT_ADDR', 'http://127.0.0.1:8200'), 'token' => env('VAULT_TOKEN'), 'timeout' => env('VAULT_TIMEOUT', 30), 'kv_root' => env('VAULT_KV_ROOT', 'secret'), ], 'secondary' => [ 'address' => env('VAULT_SECONDARY_ADDR'), 'token' => env('VAULT_SECONDARY_TOKEN'), 'timeout' => env('VAULT_SECONDARY_TIMEOUT', 30), 'kv_root' => env('VAULT_SECONDARY_KV_ROOT', 'secret'), ], ],
Usage
Basic Usage
use Lucasberto\LaravelVault\Facades\Vault; // List secrets (KV v2) $secrets = Vault::listSecrets('path/to/secrets'); // List secrets (KV v1) $secrets = Vault::listSecrets('path/to/secrets', 1); // Get a secret (KV v2) $secret = Vault::getSecret('path/to/secret'); // Using KV v1 $secret = Vault::getSecret('path/to/secret', 1); // Store a secret (KV v2) Vault::putSecret('path/to/secret', [ 'username' => 'admin', 'password' => 'secret' ]); // Store a secret (KV v1) Vault::putSecret('path/to/secret', [ 'username' => 'admin', 'password' => 'secret' ], 1); // Delete a secret (KV v2) Vault::deleteSecret('path/to/secret'); // Delete a secret (KV v1) Vault::deleteSecret('path/to/secret', 1); // Check if vault is unsealed $isUnsealed = Vault::isUnsealed(); // Seal vault $sealed = Vault::seal(); // Unseal vault (one call per key, after n calls, vault is unsealed) Vault::unseal('key'); // Get vault health $health = Vault::health(); // It is also possible to use a custom client (of type GuzzleHttp\Client) $config = app()->config['vault']['servers']['main']; $httpClient = new \GuzzleHttp\Client([ 'base_uri' => $config['address'], 'headers' => [ 'X-Vault-Token' => $config['token'], ], 'timeout' => $config['timeout'], ]); $vaultClient = new Lucasberto\LaravelVault\VaultClient($config, $httpClient); $vaultClient->getSecret('path/to/secret');
Multiple servers
// Use default connection $secret = Vault::getSecret('path/to/secret'); // Use specific connection $secret = Vault::connection('secondary')->getSecret('path/to/secret');
lucasberto/laravel-vault 适用场景与选型建议
lucasberto/laravel-vault 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 4.25k 次下载、GitHub Stars 达 4, 最近一次更新时间为 2025 年 02 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「storage」 「encryption」 「laravel」 「credentials」 「key-value」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 lucasberto/laravel-vault 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 lucasberto/laravel-vault 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 lucasberto/laravel-vault 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A SDK for working with B2 cloud storage.
Small library to access Microsoft Windows Azure Blob Storage with a Service or a StreamWrapper.
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Provide a way to secure accesses to all routes of an symfony application.
Encryption with AES-256 and HMAC-SHA256
统计信息
- 总下载量: 4.25k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 4
- 点击次数: 12
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-02-12