def do_regenerate_enter(screen, server):
"""GUI context for submitting unseal keys when
regenerating root token"""
for key_obj in do_get_keys(screen, server):
if not regenerate_enter(server, key_obj['key']):
popup(screen, "Unable to regenerate with %s:%s" %
(key_obj['index'], key_obj['name']))
def do_get_keys(screen, server):
"""Selecting keys from a screen I guess"""
keys = get_keys(screen, server)
screen.nooutrefresh()
if not keys:
popup(screen, "Must specify at least one key")
return []
return keys
def do_seal(screen, server):
"""Invoke the GUI action of sealing Vault"""
name = server['name']
seal_msg = "SEAL %s" % name
if not yesno(screen, seal_msg):
return
screen.refresh()
try:
if not seal(server):
popup(screen, "Unable to seal!")
except hvac.exceptions.Forbidden:
popup(screen, "Invalid root token!")
return
def main_loop(screen):
"""Main interaction loop."""
done = False
selection = 0
main_win = None
while not done:
main_win = refresh_screen(screen, selection, main_win)
screen.timeout(500)
ch = screen.getch()
if ch == 27:
screen.erase()
screen.refresh()
popup(screen, "Thank you for playing")
curses.endwin()
return
elif ch == curses.KEY_DOWN:
if selection < len(conf.get('vaults')) - 1:
selection = selection + 1
elif ch == curses.KEY_UP:
if selection > 0:
selection = selection - 1
elif ch == 10:
focus_loop(screen, selection)
def focus_input(screen, server):
"""User input for when we are in the detailed view of a Vault instance"""
screen.timeout(500)
ch = screen.getch()
if ch == 27:
return True
if 'init' in server:
if 255 > ch > 0:
ch_s = chr(ch).lower()
is_init = server['init']
if is_init:
is_sealed = server['sealed']
if not is_sealed:
is_rekey = server['rekey']
is_regenerating = server['regenerating']
is_ha = server['ha']
if is_ha:
is_leader = server['leader']
if ch_s == 's' and is_init and not is_sealed:
if not is_ha or (is_ha and is_leader):
do_seal(screen, server)
elif ch_s == 'u' and is_init and is_sealed:
do_unseal(screen, server)
elif ch_s == 'r' and is_init and not is_sealed and not is_rekey:
do_rekey(server)
elif ch_s == 'i' and not is_init:
do_init(screen, server)
elif ch_s == 'e' and is_init and is_rekey:
do_rekey_enter(screen, server)
elif ch_s == 'c' and is_init and is_rekey:
if not rekey_cancel(server):
popup(screen, "Unable to cancel rekey")
elif ch_s == 'e' and is_init and is_regenerating:
do_regenerate_enter(screen, server)
elif ch_s == 'c' and is_init and is_regenerating:
if not regenerate_cancel(server):
popup(screen, "Unable to cancel regeneration")
elif ch_s == 'o' and is_init and not is_rekey and \
not is_regenerating and not is_sealed:
if not rotate_master(server):
popup(screen, "Unable to rotate master")
elif ch_s == 'g' and is_init and \
not is_rekey and \
not is_regenerating and \
not is_sealed:
regenerate_start(server)
elif ch_s == 'p' and is_init and \
is_ha and is_leader:
step_down(server)
def do_unseal(screen, server):
"""Invoke the GUI action of unsealing a Vault server"""
client = server['client']
status = client.seal_status
if not status['sealed']:
popup(screen, "Not actually sealed")
return
for key_obj in do_get_keys(screen, server):
try:
unseal(client, key_obj['key'])
except hvac.exceptions.InvalidRequest:
popup(screen, "Unable to unseal with %s:%s" %
(key_obj['index'], key_obj['name']))
popup(screen, "Invalid Key!")
def do_init(screen, server):
"""GUI construct for initializing a blank Vault instance"""
if not init(server):
popup(screen, 'Unexpected return during vault init!')