Store and retrieve encrypted configs from etcd or consul
Go
Latest commit 749e360 May 23, 2015 @bketelsen bketelsen Merge pull request #16 from oliveagle/ole_etcd_watch
etcd_watch fix
Permalink
Failed to load latest commit information.
backend etcd_watch fix May 5, 2015
bin/crypt Better perf when decoding lists Feb 7, 2015
config Adding list support Feb 4, 2015
encoding/secconf Updated go sub-repo import path. Nov 11, 2014
.gitignore update docs Oct 18, 2014
LICENSE MIT License Oct 19, 2014
README.md update README Oct 20, 2014

README.md

crypt

You can use crypt as a command line tool or as a configuration library:

Demo

Watch Kelsey explain crypt in this quick 5 minute video:

Crypt Demonstration Video

Generating gpg keys and keyrings

The crypt cli and config package require gpg keyrings.

Create a key and keyring from a batch file

vim app.batch
%echo Generating a configuration OpenPGP key
Key-Type: default
Subkey-Type: default
Name-Real: app
Name-Comment: app configuration key
Name-Email: app@example.com
Expire-Date: 0
%pubring .pubring.gpg
%secring .secring.gpg
%commit
%echo done

Run the following command:

gpg2 --batch --armor --gen-key app.batch

You should now have two keyrings, .pubring.gpg which contains the public keys, and .secring.gpg which contains the private keys.

Note the private key is not protected by a passphrase.