Server: add and support unix listener (UDS)

[shaj13]

Fix #5491

hcl config

listener "unix" {}

listener "tcp" {
  address       = "127.0.0.1:8300"
  tls_cert_file = ""
  tls_key_file  = ""
  tls_disable   = 1
}

api_addr     = "http://127.0.0.1:8300"
cluster_addr = "http://127.0.0.1:8300"

storage "file" {
  path           = "/tmp/vault/storage"
  connection_url = ""
  ha_enabled     = false
}

Vault server logs:

==> Vault server configuration:

             Api Address: http://127.0.0.1:8300
                     Cgo: disabled
         Cluster Address: https://127.0.0.1:8301
   Environment Variables: DBUS_SESSION_BUS_ADDRESS, HOME, LANG, LC_CTYPE, LOGNAME, MOTD_SHOWN, OLDPWD, PATH, PWD, SHELL, SHLVL, SSH_CLIENT, SSH_CONNECTION, SSH_TTY, TERM, USER, XDG_DATA_DIRS, XDG_RUNTIME_DIR, XDG_SESSION_CLASS, XDG_SESSION_ID, XDG_SESSION_TYPE, _
              Go Version: go1.19.3
              Listener 1: unix (max_request_duration: "1m30s", max_request_size: "33554432")
              Listener 2: tcp (addr: "127.0.0.1:8300", cluster address: "127.0.0.1:8301", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
               Log Level: info
                   Mlock: supported: true, enabled: false
           Recovery Mode: false
                 Storage: file
                 Version: Vault v1.13.0-dev1, built 2022-12-02T16:02:28Z
             Version Sha: 12b2fab87559d6da9ff38247902a540992867827+CHANGES

==> Vault server started! Log data will stream in below:

2022-12-05T18:20:16.511+0200 [INFO]  vault: proxy environment: http_proxy="" https_proxy="" no_proxy=""
2022-12-05T18:20:16.512+0200 [INFO]  vault.core: Initializing version history cache for core

Curl Example

curl --silent -XGET --unix-socket /run/vault.sock http://localhost/v1/sys/health | jq
{
  "initialized": false,
  "sealed": true,
  "standby": true,
  "performance_standby": false,
  "replication_performance_mode": "unknown",
  "replication_dr_mode": "unknown",
  "server_time_utc": 1670257271,
  "version": "1.13.0-dev1"
}

[hashicorp-cla]

All committers have signed the CLA.

[shaj13]

@raskchanky PTAL,
TestBackend_StaticRole_LockRegression fail, can re-run the job ?.

[raskchanky]

Thanks for working on this! I think it looks great and would love to get it merged. Before doing so though, I think we need some documentation. Would you be up for writing some docs for this change? Specifically:

• https://developer.hashicorp.com/vault/docs/configuration/listener should mention there's now multiple listener types and should link to a new page for the UDS listener, similar to the TCP one.
• A new page, similar to https://developer.hashicorp.com/vault/docs/configuration/listener/tcp but obviously less involved, mentioning what a Unix domain socket is, the available listener parameters that can be configured, and a few code examples. I also think your example showing how to connect to Vault over a UDS with curl would be an excellent addition.

If you've never written Vault docs before, the website README has docs that show how to run the site locally via docker.

[vercel]

Someone is attempting to deploy a commit to the HashiCorp Team on Vercel.

A member of the Team first needs to authorize it.

[shaj13]

Thanks for working on this! I think it looks great and would love to get it merged. Before doing so though, I think we need some documentation. Would you be up for writing some docs for this change? Specifically:

* https://developer.hashicorp.com/vault/docs/configuration/listener should mention there's now multiple listener types and should link to a new page for the UDS listener, similar to the TCP one.

* A new page, similar to https://developer.hashicorp.com/vault/docs/configuration/listener/tcp but obviously less involved, mentioning what a Unix domain socket is, the available listener parameters that can be configured, and a few code examples. I also think your example showing how to connect to Vault over a UDS with curl would be an excellent addition.

If you've never written Vault docs before, the website README has docs that show how to run the site locally via docker.

@raskchanky Website and docs have been updated as well

[raskchanky]

The documentation looks great! Thanks for writing it up. I left a bunch of minor copy edits.

[shaj13]

The documentation looks great! Thanks for writing it up. I left a bunch of minor copy edits.

@raskchanky fantastic, the typo removed and docs updated per your suggestion 👍

[tjperry07]

Minor feedback.

[tjperry07]

Just merge the unix and definition changes and it's good to go

[shaj13]

@raskchanky @tjperry07 PTAL, docs updated

[raskchanky]

Awesome! Thanks for your great contribution!