Automated password changes for cloudcsale.ch accounts. Passwords can be retrieved and saved using Hashicorp Vault, Cryptopus or command line.
Build tools and dev dependencies are required:
sudo apt install ruby-dev libffi-dev build-essential
# make sure bundler is installed
gem install bundler
# install dependencies from Gemfile
bundle install
The following ENV vars can be used:
CRYPTOPUS_API_URL='https://cryptopus.example.com/api'
CRYPTOPUS_TOKEN='your-token'
# vault settings
VAULT_ADDR='https://vault.example.com'
VAULT_TOKEN='my-vault-token'
Updates your cloudscale.ch account password.
Make sure 2FA is disabled, or pwmate won't be able to login to your account.
The current password is always retriefed from the first store from the list.
Prompts for the current password and outputs the new password to the command line.
Use with care - recommended only for testing purposes!
Retrieves and stores passwords in Hashicorp Vault.
Retrieves and stores passwords in Cryptopus.
pwmate takes YAML files as input in order to update one or many accounts.
Here is an example input.yml
definition:
accounts:
- name: My cloudscale account
type: cloudscale.ch
username: account@example.com
secret_stores:
- type: vault
path: kv/data/spaces/my-secret
key: password
- type: cryptopus
user: my-api-user
account: 4242
- type: cli
Update all accounts defined in a input file:
./pwmate -f input.yml
Show all usage options:
./pwmate --help