Skip to content

hunner/hiera-gpg

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

lib/hiera/backend

lib/hiera/backend

 
 

pkg

pkg

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

Repository files navigation

Introduction

Hiera is a configuration data store with pluggable back ends, hiera-gpg is a backend for hiera that supports gpg coded YAML files

Why?

Hiera is often used by configuration management systems such as Puppet with all the configuration stored in a VCS. Often you want to store sensitive information such as database root passwords in the same place as the rest of your configuration so Puppet can read it. hiera-gpg allows you to place your YAML in a gpg encoded file which can be read by Hiera on the command line or via Puppet on any machine that has a valid secret key.

Configuration

Here is a sample hiera.yaml file that will work with gpg

---
:backends: - gpg

:logger: console

:hierarchy: - %{env}
            - common

:gpg:
   :datadir: /etc/puppet/hieradata

   # Optional, defaults to ~/.gnupg
   :homedir: "/etc/puppet/gpg"

Todo

The back end currently just shells out to the GPG command (/usr/bin/env gpg) - I would like to implement this without shelling out, perhaps by using the gpgme API. Perhaps someone would care to fork it and look at doing that :)

Contact

About

GPG Backend to HIera

github.com/crayfishx/hiera-gpg

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published