def collect_vars(script: dict) -> dict: var_dict = script.get('vars', {}) script['vars'] = var_dict # just for the case it was empty if CONFIG['teamvault']: for key, secret in script.get('secrets', {}).items(): sid, field = secret.split('_') if field == 'password': var_dict[key] = bwtv.password(sid) elif field == 'username': var_dict[key] = bwtv.username(sid) elif field == 'file': var_dict[key] = bwtv.file(sid) else: raise UnknownSecretTypeException(field) for syskey, system in script.get('systems', {}).items(): var_dict[f'system_{syskey}'] = system return var_dict
def collect_vars(script: dict) -> dict: var_dict = script.get('vars', {}) if var_dict is None: LOG.warning( 'Vars section defined, but empty!\nThis is illegal, either remove the section or add variables.' ) var_dict = {} script['vars'] = var_dict # just for the case it was empty if CONFIG['teamvault']: for key, secret in script.get('secrets', {}).items(): sid, field = secret.split('_') if field == 'password': var_dict[key] = bwtv.password(sid) elif field == 'username': var_dict[key] = bwtv.username(sid) elif field == 'file': var_dict[key] = bwtv.file(sid) else: raise UnknownSecretTypeException(field) for syskey, system in script.get('systems', {}).items(): # DEPRECATED, use SYSTEMS instead var_dict[f'system_{syskey}'] = system.replace('hostname!', '') return var_dict
'interfaces': { 'eth0': { 'address': '192.168.178.6', 'netmask': '255.255.255.0', 'gateway': '192.168.178.1', }, }, }, 'co2mon': { 'enabled': True, 'device': '/dev/co2mini0', 'co2-name': 'HZ_CO2', 'temperatur-name': 'HZ_TEMP', 'mqtt-host': 'rasp3.hm.benjamin-borbe.de', 'mqtt-queue': 'co2mon', 'mqtt-username': teamvault.username('9qNx3O', site='benjamin-borbe'), 'mqtt-password': teamvault.password('9qNx3O', site='benjamin-borbe'), }, 'golang': { 'enabled': True, 'arch': 'armv6l', 'version': '1.15.6', 'os': 'linux', }, 'iptables': { 'enabled': True, }, }, }
import bwtv as teamvault groups['meta-docker'] = { 'member_patterns': (r'.*', ), 'metadata': { 'docker': { 'login': { 'docker.benjamin-borbe.de': { 'username': teamvault.username('7qGQOW', site='benjamin-borbe'), 'password': teamvault.password('7qGQOW', site='benjamin-borbe'), }, }, }, }, }
from os import walk from os.path import join from collections.abc import Sequence, Mapping import tomlkit from bundlewrap.metadata import atomic import bwtv as teamvault # convert magicstrings in toml nodes converters = { 'decrypt': lambda x: vault.decrypt(x), 'decrypt_file': lambda x: vault.decrypt_file(x), 'teamvault_file': lambda x: teamvault.file(x), 'teamvault_username': lambda x: teamvault.username(x), 'teamvault_password': lambda x: teamvault.password(x), } def demagify(data): if isinstance(data, str): for name, converter in converters.items(): if data.startswith(f'!{name}:'): return converter(data[len(name) + 2:]) else: return data elif isinstance(data, Sequence): return [demagify(element) for element in data] elif isinstance(data, Mapping): return {key: demagify(value) for key, value in data.items()}
import bwtv as teamvault groups['meta-monit'] = { 'subgroup_patterns': (r".+", ), 'metadata': { 'monit': { 'enabled': True, 'mailserver': { 'sender': teamvault.username('KwRoO7', site='benjamin-borbe'), 'recipient': '*****@*****.**', 'server': 'mail.benjamin-borbe.de', 'port': 587, 'username': teamvault.username('KwRoO7', site='benjamin-borbe'), 'password': teamvault.password('KwRoO7', site='benjamin-borbe'), }, }, }, }