alox-gandalf 0.0.9 → 0.0.10
Sign up to get free protection for your applications and to get access to all the features.
- metadata +2 -8
- data/aloxec/_gandalf +0 -16
- data/aloxec/_gandalf_ +0 -24
- data/aloxec/edit-secrets +0 -58
- data/aloxec/new-key +0 -46
- data/aloxec/new-secrets +0 -43
- data/aloxec/show-secrets +0 -38
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: alox-gandalf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.10
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -19,13 +19,7 @@ email:
|
|
19
19
|
executables: []
|
20
20
|
extensions: []
|
21
21
|
extra_rdoc_files: []
|
22
|
-
files:
|
23
|
-
- aloxec/_gandalf
|
24
|
-
- aloxec/_gandalf_
|
25
|
-
- aloxec/edit-secrets
|
26
|
-
- aloxec/new-key
|
27
|
-
- aloxec/new-secrets
|
28
|
-
- aloxec/show-secrets
|
22
|
+
files: []
|
29
23
|
homepage: https://github.com/destructuring/gandalf
|
30
24
|
licenses: []
|
31
25
|
post_install_message:
|
data/aloxec/_gandalf
DELETED
@@ -1,16 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
if [[ "$#" > 0 ]]; then
|
4
|
-
GANDALF="$1"; shift
|
5
|
-
fi
|
6
|
-
|
7
|
-
if [[ -z "${GANDALF:-}" ]]; then
|
8
|
-
GANDALF="$(pwd -P)"
|
9
|
-
fi
|
10
|
-
|
11
|
-
export GANDALF
|
12
|
-
|
13
|
-
if [[ ! -x "$(type -P gpg 2>&-)" ]]; then
|
14
|
-
echo "ERROR: could not find gpg tool" 1>&2
|
15
|
-
false
|
16
|
-
fi
|
data/aloxec/_gandalf_
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
function keys_path {
|
2
|
-
echo "$GANDALF/$(ryaml "$GANDALF/config/gandalf.yml" keys_path)"
|
3
|
-
}
|
4
|
-
|
5
|
-
function keys {
|
6
|
-
ryaml "$GANDALF/config/gandalf.yml" bundle "$nm_bundle" keys | awk '$1 == "-" { print $NF }' | xargs --
|
7
|
-
}
|
8
|
-
|
9
|
-
function secrets_path {
|
10
|
-
echo "$GANDALF/$(ryaml "$GANDALF/config/gandalf.yml" bundle "$nm_bundle" secrets_path)"
|
11
|
-
}
|
12
|
-
|
13
|
-
function recipients {
|
14
|
-
local _a
|
15
|
-
for _a in $(keys); do
|
16
|
-
echo -n " -r $_a"
|
17
|
-
done
|
18
|
-
}
|
19
|
-
|
20
|
-
function gpg {
|
21
|
-
logger_info "gpg $@"
|
22
|
-
"$(type -P gpg)" "$@"
|
23
|
-
}
|
24
|
-
|
data/aloxec/edit-secrets
DELETED
@@ -1,58 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
#/ NAME
|
4
|
-
#/ edit bundle -- edit a password bundle
|
5
|
-
#/
|
6
|
-
#/ SYNOPSIS
|
7
|
-
#/ edit bundle name
|
8
|
-
|
9
|
-
# figure out the project root under which bin, lib live
|
10
|
-
shome="$(cd -P -- "$(dirname -- "$BASH_SOURCE")/.." && pwd -P)"
|
11
|
-
|
12
|
-
# load a jason bourne library
|
13
|
-
source _jason
|
14
|
-
require _gandalf "${GANDALF:-}"
|
15
|
-
require _gandalf_
|
16
|
-
|
17
|
-
readonly cfg_gandalf="$GANDALF/config/gandalf.yml"
|
18
|
-
|
19
|
-
# entry point
|
20
|
-
function main {
|
21
|
-
if [[ "$#" = 0 ]]; then
|
22
|
-
local default_bundle="$(ryaml $cfg_gandalf bundle default)"
|
23
|
-
if [[ -n "$default_bundle" ]]; then
|
24
|
-
set -- "$default_bundle" "$@"
|
25
|
-
fi
|
26
|
-
fi
|
27
|
-
|
28
|
-
if [[ "$#" = 0 ]]; then
|
29
|
-
logger_fatal "missing name of secrets bundle"
|
30
|
-
exit 1
|
31
|
-
fi
|
32
|
-
|
33
|
-
readonly local nm_bundle="$1"; shift
|
34
|
-
readonly local tmp_keyring="$(mktemp -t XXXXXXXXX)"
|
35
|
-
|
36
|
-
set +f
|
37
|
-
gpg --no-default-keyring --keyring "$tmp_keyring" --import "$(keys_path)/"*
|
38
|
-
set -f
|
39
|
-
|
40
|
-
readonly local tmp_container="$(mktemp -d -t XXXXXXXXX)"
|
41
|
-
readonly local tmp_buffer="$(TMPDIR="$tmp_container" mktemp -t XXXXXXXXX)"
|
42
|
-
|
43
|
-
git pull
|
44
|
-
gpg -a -d "$(secrets_path)/${nm_bundle}.gpg" > "$tmp_buffer"
|
45
|
-
"${EDITOR:-vim}" "$tmp_buffer"
|
46
|
-
|
47
|
-
readonly local tmp_bundle="$(mktemp -t XXXXXXXXX)"
|
48
|
-
if gpg --yes --trust-model always --no-default-keyring --keyring "$tmp_keyring" -a -e -o "$tmp_bundle" $(recipients) "$tmp_buffer"; then
|
49
|
-
mv -f "$tmp_bundle" "$(secrets_path)/$nm_bundle.gpg"
|
50
|
-
else
|
51
|
-
rm -f "$tmp_bundle"
|
52
|
-
fi
|
53
|
-
|
54
|
-
rm -f "$tmp_keyring" "$tmp_buffer"
|
55
|
-
rmdir "$tmp_container"
|
56
|
-
}
|
57
|
-
|
58
|
-
require _sub "$BASH_SOURCE" "$@"
|
data/aloxec/new-key
DELETED
@@ -1,46 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
#/ NAME
|
4
|
-
#/ new key -- create a new gpg key
|
5
|
-
#/
|
6
|
-
#/ SYNOPSIS
|
7
|
-
#/ new key email
|
8
|
-
|
9
|
-
# figure out the project root under which bin, lib live
|
10
|
-
shome="$(cd -P -- "$(dirname -- "$BASH_SOURCE")/.." && pwd -P)"
|
11
|
-
|
12
|
-
# load a jason bourne library
|
13
|
-
source _jason
|
14
|
-
require _gandalf "${GANDALF:-}"
|
15
|
-
require _gandalf_
|
16
|
-
|
17
|
-
readonly cfg_gandalf="$GANDALF/config/gandalf.yml"
|
18
|
-
|
19
|
-
# entry point
|
20
|
-
function main {
|
21
|
-
if [[ "$#" = 0 ]]; then
|
22
|
-
logger_fatal "missing email"
|
23
|
-
exit 1
|
24
|
-
fi
|
25
|
-
|
26
|
-
readonly local email="$1"; shift
|
27
|
-
readonly local tmp_genkey="$(mktemp -t XXXXXXXXX)"
|
28
|
-
|
29
|
-
cat > "$tmp_genkey" <<EOF
|
30
|
-
Key-Type: RSA
|
31
|
-
Key-Length: 2048
|
32
|
-
Subkey-Type: RSA
|
33
|
-
Subkey-Length: 2048
|
34
|
-
Name-Email: $email
|
35
|
-
Expire-Date: 1y
|
36
|
-
%commit
|
37
|
-
EOF
|
38
|
-
|
39
|
-
gpg --batch --gen-key "$tmp_genkey"
|
40
|
-
rm -f "$tmp_genkey"
|
41
|
-
gpg --edit-key "$email" passwd save
|
42
|
-
|
43
|
-
gpg --export -a "$email" > "$(keys_path)/$email"
|
44
|
-
}
|
45
|
-
|
46
|
-
require _sub "$BASH_SOURCE" "$@"
|
data/aloxec/new-secrets
DELETED
@@ -1,43 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
#/ NAME
|
4
|
-
#/ new bundle -- create a new password bundle
|
5
|
-
#/
|
6
|
-
#/ SYNOPSIS
|
7
|
-
#/ new bundle name
|
8
|
-
|
9
|
-
# figure out the project root under which bin, lib live
|
10
|
-
shome="$(cd -P -- "$(dirname -- "$BASH_SOURCE")/.." && pwd -P)"
|
11
|
-
|
12
|
-
# load a jason bourne library
|
13
|
-
source _jason
|
14
|
-
require _gandalf "${GANDALF:-}"
|
15
|
-
require _gandalf_
|
16
|
-
|
17
|
-
readonly cfg_gandalf="$GANDALF/config/gandalf.yml"
|
18
|
-
|
19
|
-
# entry point
|
20
|
-
function main {
|
21
|
-
if [[ "$#" = 0 ]]; then
|
22
|
-
logger_fatal "missing name of secrets bundle"
|
23
|
-
exit 1
|
24
|
-
fi
|
25
|
-
|
26
|
-
readonly local nm_bundle="$1"; shift
|
27
|
-
readonly local tmp_keyring="$(mktemp -t XXXXXXXXX)"
|
28
|
-
|
29
|
-
set -x
|
30
|
-
keys
|
31
|
-
set +x
|
32
|
-
|
33
|
-
local _rcpt
|
34
|
-
for _rcpt in $(keys); do
|
35
|
-
gpg --no-default-keyring --keyring "$tmp_keyring" --import "$(keys_path)/$_rcpt"
|
36
|
-
done
|
37
|
-
|
38
|
-
echo "---" | gpg --no-default-keyring --keyring "$tmp_keyring" -a -e -o "$(secrets_path)/$nm_bundle.gpg" $(recipients)
|
39
|
-
|
40
|
-
rm -f "$tmp_keyring"
|
41
|
-
}
|
42
|
-
|
43
|
-
require _sub "$BASH_SOURCE" "$@"
|
data/aloxec/show-secrets
DELETED
@@ -1,38 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
#/ NAME
|
4
|
-
#/ list bundle -- list the bundle for a bundle
|
5
|
-
#/
|
6
|
-
#/ SYNOPSIS
|
7
|
-
#/ list bundle name
|
8
|
-
|
9
|
-
# figure out the project root under which bin, lib live
|
10
|
-
shome="$(cd -P -- "$(dirname -- "$BASH_SOURCE")/.." && pwd -P)"
|
11
|
-
|
12
|
-
# load a jason bourne library
|
13
|
-
source _jason
|
14
|
-
require _gandalf "${GANDALF:-}"
|
15
|
-
require _gandalf_
|
16
|
-
|
17
|
-
readonly cfg_gandalf="$GANDALF/config/gandalf.yml"
|
18
|
-
|
19
|
-
# entry point
|
20
|
-
function main {
|
21
|
-
if [[ "$#" = 0 ]]; then
|
22
|
-
local default_bundle="$(ryaml $cfg_gandalf bundle default)"
|
23
|
-
if [[ -n "$default_bundle" ]]; then
|
24
|
-
set -- "$default_bundle" "$@"
|
25
|
-
fi
|
26
|
-
fi
|
27
|
-
|
28
|
-
if [[ "$#" = 0 ]]; then
|
29
|
-
logger_fatal "missing name of secrets bundle"
|
30
|
-
exit 1
|
31
|
-
fi
|
32
|
-
|
33
|
-
readonly local nm_bundle="$1"; shift
|
34
|
-
|
35
|
-
gpg -a -d "$(secrets_path)/${nm_bundle}.gpg"
|
36
|
-
}
|
37
|
-
|
38
|
-
require _sub "$BASH_SOURCE" "$@"
|