The script downloads Vault, installs it and configures Postgres DB to work with Vault.
Since Vault by default is in sealed state, it is not possible to extract data from it. The script tries to solve such problem. If
variable is set, the script will try to unseal Vault at startup.
Warning: This approach is fine for pet projects, but is not production ready solution. Vault itself provides feature for auto unsealing, and it is based on cloud KMS. See https://learn.hashicorp.com/vault/day-one/ops-autounseal-aws-kms for more details
How to use it
export VAULT_ADDR='LINK_TO_VAULT' vault operator init -key-shares=1 -key-threshold=1
VAULT_UNSEAL_KEYvariable in Heroku console