I didn’t read the code well enough before running the vault extension. It looks from the code like if you don’t supply
VAULT_TOKEN_RENEWAL, it will create a renewer with a duration of 0. I have been ddossing my vault server for a few days, and luckily it hasn’t completely fallen over, but that is not good at all.
Perhaps a sensible default of
5m would make sense for that?