hyperwaverelay 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1d3db0440a61b2e75f37b563f0331f390bc82102
-  data.tar.gz: 368558a67d4c766d7357f7d9e97247331f1d80d8
+  metadata.gz: fe672694d18ee6341e15a29d16c6be7c176982f2
+  data.tar.gz: 69f9a475631505c9eff07ae2f466d95c5e174777
 SHA512:
-  metadata.gz: 049531c5e7ff041521b56a7194096ce913e552271e869994969e139a40826c8c412b6b062c4df17f5a95c81c412beda4c290fcb4e53659e841f69a80fe868c7d
-  data.tar.gz: 1e8823d54ac62f996a6cea04f11e88d5e6184340690799db23fc3d3faaa858ef3d57f1bf98ab85fdde222f54c4199181fef9665ff6daa795df88cad44b91ddef
+  metadata.gz: 873fe7383d935373f275bc8e51f959ee0b050bbcd665e9ca81bebc3e59efae83b3884422f7fa560f6bca881824eb2d4eb695c1a094ef72da3f0798581bcc3b91
+  data.tar.gz: 06feeb2fa6046313ac0c6d197352837f6eb2b1391d89b14d136e53f3f15aab96013cd0466351864ef031e19c253460b466dcc4a10253ec0134e9fb4979de83f9

data/lib/hyperwaverelay.rb

@@ -1,8 +1,9 @@
 require "bundler/setup"
 require "hyperwaverelay/version"
-require "securerandom"
+require "hyperwaverelay/keys"
+require "hyperwaverelay/vault"
+require "hyperwaverelay/util"
 require "thor"
-require 'sshkey'
 
 module Hyperwaverelay 
   class Cli < Thor
@@ -19,21 +20,17 @@ module Hyperwaverelay
       ["group_vars","host_vars","roles"].each do |dir|
         empty_directory("#{name}/#{dir}")
       end
-      create_file "#{name}/.vault_password" do
-        SecureRandom::base64(20)
-      end
       create_file "#{name}/group_vars/all" do
         "---\n"
       end
-      key = ::SSHKey.generate
-      create_file "#{ENV['HOME']}/.ssh/ansible_deploy" do
-        key.private_key
-      end
-      create_file "#{ENV['HOME']}/.ssh/ansible_deploy.pub" do
-        key.ssh_public_key
-      end
-      template "hyperwaverelay/templates/ansible.cfg.tt", "#{name}/ansible.cfg"
+      template "hyperwaverelay/templates/ansible.cfg.tt", "#{name}/ansible.cfg", {name: name}
+      invoke "hyperwaverelay:keys:keygen"
+      invoke "hyperwaverelay:vault:gen"
     end
+    desc "keys SUBCOMMAND ARGS", "manage SSH keys" 
+    subcommand "keys", Keys
+    desc "vault SUBCOMMAND ARGS", "manage vault"
+    subcommand "vault", Vault
   end
 end
 

data/lib/hyperwaverelay/keys.rb

@@ -0,0 +1,18 @@
+require 'thor'
+require 'sshkey'
+
+module Hyperwaverelay
+  class Keys < Thor
+    include Thor::Actions
+    desc "keygen key_prefix", "generate ssh keys"
+    def keygen(prefix)
+      key = ::SSHKey.generate
+      create_file "#{ENV['HOME']}/.ssh/#{prefix}_ansible_deploy" do
+        key.private_key
+      end
+      create_file "#{ENV['HOME']}/.ssh/#{prefix}_ansible_deploy.pub" do
+        key.ssh_public_key
+      end
+    end
+  end
+end

data/lib/hyperwaverelay/templates/ansible.cfg.tt

@@ -1,7 +1,7 @@
 [defaults]
 ansible_managed = Ansible Managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
 vault_password_file = .vault_password
+private_key_file = <%= ENV['HOME'] %>/.ssh/<%= config[:name] %>_ansible_deploy
 <% if options[:disable_host_key_checking] %>host_key_checking = False <% end %>
 <% if options[:remote_user] %>remote_user = <%= options[:remote_user] %><% end %>
 <% if options[:inventory] %>inventory = <%= options[:inventory] %><% end %>
-private_key_file = <%= ENV['HOME'] %>/.ssh/ansible_deploy

data/lib/hyperwaverelay/util.rb

@@ -0,0 +1,31 @@
+require 'pathname'
+
+module Hyperwaverelay
+  class Util
+    def self.has_ansible_cfg?
+      has_file?('ansible.cfg')
+    end
+    def self.has_directories?
+      has_dir?('group_vars') && has_dir?('host_vars') && has_dir?('roles')
+    end
+    def self.is_ansible_project?
+      has_directories? && has_ansible_cfg?
+    end
+    def self.vault_present?
+      has_hidden_file?('.vault_password')
+    end
+    def self.is_vaulted?(file)
+      File.readlines(file)[0] == "$ANSIBLE_VAULT;1.1;AES256\n"
+    end
+    protected
+    def self.has_file?(filename)
+      Pathname.glob('*').any? {|f| f.file? && f.to_s == filename}
+    end
+    def self.has_dir?(dirname)
+      Pathname.glob('*').any? {|d| d.directory? && d.to_s == dirname}
+    end
+    def self.has_hidden_file?(filename)
+      Pathname.glob('.*').any? {|f| f.file? && f.to_s == filename}
+    end
+  end
+end

data/lib/hyperwaverelay/vault.rb

@@ -0,0 +1,32 @@
+require 'thor'
+require 'securerandom'
+
+module Hyperwaverelay
+  class Vault < Thor
+    include Thor::Actions
+    desc "gen", "generate vault secrets"
+    def gen(root = nil)
+      if root
+        self.destination_root = File.expand_path(root)
+        puts "Entering Project Directory #{File.expand_path(root)}"
+      end
+      create_file ".vault_password" do
+        SecureRandom::base64(20)
+      end
+    end
+    desc "rekey", "rekey encrypted files"
+    def rekey
+      options[:force] == true
+      vaulted_files = Pathname.glob('**/*').select {|f| f.file? && Hyperwaverelay::Util.is_vaulted?(f.to_s)}
+      vaulted_files.each do |file|
+        puts "Decrypting #{file.to_s}"
+        system "ansible-vault decrypt #{file.to_s}"
+      end
+      invoke :gen, force: true
+      vaulted_files.each do |file|
+        puts "Recrypting #{file.to_s}"
+        system "ansible-vault encrypt #{file.to_s}"
+      end
+    end
+  end
+end

data/lib/hyperwaverelay/version.rb

@@ -1,3 +1,3 @@
 module Hyperwaverelay
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hyperwaverelay
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Mike Danko
@@ -86,7 +86,10 @@ files:
 - bin/setup
 - hyperwaverelay.gemspec
 - lib/hyperwaverelay.rb
+- lib/hyperwaverelay/keys.rb
 - lib/hyperwaverelay/templates/ansible.cfg.tt
+- lib/hyperwaverelay/util.rb
+- lib/hyperwaverelay/vault.rb
 - lib/hyperwaverelay/version.rb
 homepage: https://github.com/skord/hyperwaverelay
 licenses: