hyperwaverelay 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/hyperwaverelay.rb +10 -13
- data/lib/hyperwaverelay/keys.rb +18 -0
- data/lib/hyperwaverelay/templates/ansible.cfg.tt +1 -1
- data/lib/hyperwaverelay/util.rb +31 -0
- data/lib/hyperwaverelay/vault.rb +32 -0
- data/lib/hyperwaverelay/version.rb +1 -1
- metadata +4 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fe672694d18ee6341e15a29d16c6be7c176982f2
|
4
|
+
data.tar.gz: 69f9a475631505c9eff07ae2f466d95c5e174777
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 873fe7383d935373f275bc8e51f959ee0b050bbcd665e9ca81bebc3e59efae83b3884422f7fa560f6bca881824eb2d4eb695c1a094ef72da3f0798581bcc3b91
|
7
|
+
data.tar.gz: 06feeb2fa6046313ac0c6d197352837f6eb2b1391d89b14d136e53f3f15aab96013cd0466351864ef031e19c253460b466dcc4a10253ec0134e9fb4979de83f9
|
data/lib/hyperwaverelay.rb
CHANGED
@@ -1,8 +1,9 @@
|
|
1
1
|
require "bundler/setup"
|
2
2
|
require "hyperwaverelay/version"
|
3
|
-
require "
|
3
|
+
require "hyperwaverelay/keys"
|
4
|
+
require "hyperwaverelay/vault"
|
5
|
+
require "hyperwaverelay/util"
|
4
6
|
require "thor"
|
5
|
-
require 'sshkey'
|
6
7
|
|
7
8
|
module Hyperwaverelay
|
8
9
|
class Cli < Thor
|
@@ -19,21 +20,17 @@ module Hyperwaverelay
|
|
19
20
|
["group_vars","host_vars","roles"].each do |dir|
|
20
21
|
empty_directory("#{name}/#{dir}")
|
21
22
|
end
|
22
|
-
create_file "#{name}/.vault_password" do
|
23
|
-
SecureRandom::base64(20)
|
24
|
-
end
|
25
23
|
create_file "#{name}/group_vars/all" do
|
26
24
|
"---\n"
|
27
25
|
end
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
end
|
32
|
-
create_file "#{ENV['HOME']}/.ssh/ansible_deploy.pub" do
|
33
|
-
key.ssh_public_key
|
34
|
-
end
|
35
|
-
template "hyperwaverelay/templates/ansible.cfg.tt", "#{name}/ansible.cfg"
|
26
|
+
template "hyperwaverelay/templates/ansible.cfg.tt", "#{name}/ansible.cfg", {name: name}
|
27
|
+
invoke "hyperwaverelay:keys:keygen"
|
28
|
+
invoke "hyperwaverelay:vault:gen"
|
36
29
|
end
|
30
|
+
desc "keys SUBCOMMAND ARGS", "manage SSH keys"
|
31
|
+
subcommand "keys", Keys
|
32
|
+
desc "vault SUBCOMMAND ARGS", "manage vault"
|
33
|
+
subcommand "vault", Vault
|
37
34
|
end
|
38
35
|
end
|
39
36
|
|
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'thor'
|
2
|
+
require 'sshkey'
|
3
|
+
|
4
|
+
module Hyperwaverelay
|
5
|
+
class Keys < Thor
|
6
|
+
include Thor::Actions
|
7
|
+
desc "keygen key_prefix", "generate ssh keys"
|
8
|
+
def keygen(prefix)
|
9
|
+
key = ::SSHKey.generate
|
10
|
+
create_file "#{ENV['HOME']}/.ssh/#{prefix}_ansible_deploy" do
|
11
|
+
key.private_key
|
12
|
+
end
|
13
|
+
create_file "#{ENV['HOME']}/.ssh/#{prefix}_ansible_deploy.pub" do
|
14
|
+
key.ssh_public_key
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
[defaults]
|
2
2
|
ansible_managed = Ansible Managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
|
3
3
|
vault_password_file = .vault_password
|
4
|
+
private_key_file = <%= ENV['HOME'] %>/.ssh/<%= config[:name] %>_ansible_deploy
|
4
5
|
<% if options[:disable_host_key_checking] %>host_key_checking = False <% end %>
|
5
6
|
<% if options[:remote_user] %>remote_user = <%= options[:remote_user] %><% end %>
|
6
7
|
<% if options[:inventory] %>inventory = <%= options[:inventory] %><% end %>
|
7
|
-
private_key_file = <%= ENV['HOME'] %>/.ssh/ansible_deploy
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'pathname'
|
2
|
+
|
3
|
+
module Hyperwaverelay
|
4
|
+
class Util
|
5
|
+
def self.has_ansible_cfg?
|
6
|
+
has_file?('ansible.cfg')
|
7
|
+
end
|
8
|
+
def self.has_directories?
|
9
|
+
has_dir?('group_vars') && has_dir?('host_vars') && has_dir?('roles')
|
10
|
+
end
|
11
|
+
def self.is_ansible_project?
|
12
|
+
has_directories? && has_ansible_cfg?
|
13
|
+
end
|
14
|
+
def self.vault_present?
|
15
|
+
has_hidden_file?('.vault_password')
|
16
|
+
end
|
17
|
+
def self.is_vaulted?(file)
|
18
|
+
File.readlines(file)[0] == "$ANSIBLE_VAULT;1.1;AES256\n"
|
19
|
+
end
|
20
|
+
protected
|
21
|
+
def self.has_file?(filename)
|
22
|
+
Pathname.glob('*').any? {|f| f.file? && f.to_s == filename}
|
23
|
+
end
|
24
|
+
def self.has_dir?(dirname)
|
25
|
+
Pathname.glob('*').any? {|d| d.directory? && d.to_s == dirname}
|
26
|
+
end
|
27
|
+
def self.has_hidden_file?(filename)
|
28
|
+
Pathname.glob('.*').any? {|f| f.file? && f.to_s == filename}
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'thor'
|
2
|
+
require 'securerandom'
|
3
|
+
|
4
|
+
module Hyperwaverelay
|
5
|
+
class Vault < Thor
|
6
|
+
include Thor::Actions
|
7
|
+
desc "gen", "generate vault secrets"
|
8
|
+
def gen(root = nil)
|
9
|
+
if root
|
10
|
+
self.destination_root = File.expand_path(root)
|
11
|
+
puts "Entering Project Directory #{File.expand_path(root)}"
|
12
|
+
end
|
13
|
+
create_file ".vault_password" do
|
14
|
+
SecureRandom::base64(20)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
desc "rekey", "rekey encrypted files"
|
18
|
+
def rekey
|
19
|
+
options[:force] == true
|
20
|
+
vaulted_files = Pathname.glob('**/*').select {|f| f.file? && Hyperwaverelay::Util.is_vaulted?(f.to_s)}
|
21
|
+
vaulted_files.each do |file|
|
22
|
+
puts "Decrypting #{file.to_s}"
|
23
|
+
system "ansible-vault decrypt #{file.to_s}"
|
24
|
+
end
|
25
|
+
invoke :gen, force: true
|
26
|
+
vaulted_files.each do |file|
|
27
|
+
puts "Recrypting #{file.to_s}"
|
28
|
+
system "ansible-vault encrypt #{file.to_s}"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hyperwaverelay
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mike Danko
|
@@ -86,7 +86,10 @@ files:
|
|
86
86
|
- bin/setup
|
87
87
|
- hyperwaverelay.gemspec
|
88
88
|
- lib/hyperwaverelay.rb
|
89
|
+
- lib/hyperwaverelay/keys.rb
|
89
90
|
- lib/hyperwaverelay/templates/ansible.cfg.tt
|
91
|
+
- lib/hyperwaverelay/util.rb
|
92
|
+
- lib/hyperwaverelay/vault.rb
|
90
93
|
- lib/hyperwaverelay/version.rb
|
91
94
|
homepage: https://github.com/skord/hyperwaverelay
|
92
95
|
licenses:
|