Skip to content

WhatsARanjit/puppet-eyaml-functions

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
lib/puppet
lib/puppet
 
 
spec
spec
 
 
.fixtures.yml
.fixtures.yml
 
 
.gitignore
.gitignore
 
 
.rspec
.rspec
 
 
.travis.yml
.travis.yml
 
 
Gemfile
Gemfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
metadata.json
metadata.json
 
 

Repository files navigation

#eyaml_functions Build Status

####Table of Contents

  1. Overview
  2. Requirements
  3. Setup
  4. Usage

##Overview

This module provides a set of functions to describe file content from eyaml encrypted sources.

##Requirements

The functions in this module require that the hiera-eyaml gem is installed and keys generated. The backend does not need to be in use. The location of the public and private keys are read from either a separate config or the hiera.yaml file.

##Setup

Non-Hiera Setup

Place a file at $environmentpath/$environment/eyaml.yaml with the location of they keys such as:

---
:eyaml:
  :pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7.pem
  :pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7.pem
  #Optional
  other:
    :pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7_other.pem
    :pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7_other.pem

Follow the same guidelines for key permissions listed for the hiera-eyaml gem.

Hiera Setup

Follow the setup procedure for the hiera-eyaml gem Hiera configuration. Public and private key locations will be read from hiera.yaml as long as no file at $environmentpath/$environment/eyaml.yaml exists.

##Usage

eyaml_string

Converts an eyaml encrypted string to plain-text.

Examples:

eyaml_string('ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEA0G2Cl2yCPlMsXkj3KOzMYO+kyXdSIoVad533Gr1FQaU7VqpM+rbt7CYM5WytFNYotsYyqxoSW3pGKKGxHL9f0c4q+xGZHV1GaHoR4rCnTps6fpyWVENkQJPZoEKi/fHSN2y+TryCf7Bt+3WRumkspZtUiZ0sG5G0kC80ssrDbbm2mSxwcZ1AvfEozcrCtCHJr3qxmFMEkHvhpW/roumuyhlgwhre6tkE7gqyntFrAR5Hzlt0Mk83Fg345qyKh/aq3iAv412/GgbKhFlHtMDcfW2y5ntZozuyvG7W73HQ64snRNR9JLUzZuhm0o/YQfUYFoSQIQIdi/TxCXb6nIZ46DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD5w0KZx5jxul3GUbSUXpvDgBCO/6XLdwlHb16bagi0igXf]')
# return: "hello"

# Using another key pair
eyaml_string('ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEA0G2Cl2yCPlMsXkj3KOzMYO+kyXdSIoVad533Gr1FQaU7VqpM+rbt7CYM5WytFNYotsYyqxoSW3pGKKGxHL9f0c4q+xGZHV1GaHoR4rCnTps6fpyWVENkQJPZoEKi/fHSN2y+TryCf7Bt+3WRumkspZtUiZ0sG5G0kC80ssrDbbm2mSxwcZ1AvfEozcrCtCHJr3qxmFMEkHvhpW/roumuyhlgwhre6tkE7gqyntFrAR5Hzlt0Mk83Fg345qyKh/aq3iAv412/GgbKhFlHtMDcfW2y5ntZozuyvG7W73HQ64snRNR9JLUzZuhm0o/YQfUYFoSQIQIdi/TxCXb6nIZ46DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD5w0KZx5jxul3GUbSUXpvDgBCO/6XLdwlHb16bagi0igXf]', 'other')
# return: "hello"

Type: rvalue.

eyaml_file

Converts an eyaml encrypted file to plain-text.

Examples:

# Assume /tmp/test.txt contains only the string in the above example
eyaml_file('/tmp/test.txt')
# return: "hello"

# Assume $modulepath/foo/files/test.txt contains only the string in the above example
eyaml_file('foo/test.txt')
# return: "hello"

# Using another key pair
eyaml_file('/tmp/test.txt', 'other')
# return: "hello"

Type: rvalue.

Notes

If an alternate key pair is not given or the string given cannot be found, the default key bill be used.

About

Deliver file content from encrypted files

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 3

0.3.1 Latest
Jun 7, 2016
+ 2 releases

Packages

No packages published

Languages