Forge Home

eyaml_functions

This module provides a set of functions to describe file content from eyaml encrypted sources.

6,133 downloads

5,912 latest version

5.0 quality score

Version information

  • 0.3.1 (latest)
  • 0.3.0
  • 0.2.0
  • 0.1.0
released Jun 7th 2016
This version is compatible with:
  • RedHat
    ,
    CentOS
    ,
    Debian
    ,
    Ubuntu

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'WhatsARanjit-eyaml_functions', '0.3.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add WhatsARanjit-eyaml_functions
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install WhatsARanjit-eyaml_functions --version 0.3.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

WhatsARanjit/eyaml_functions — version 0.3.1 Jun 7th 2016

#eyaml_functions Build Status

####Table of Contents

  1. Overview
  2. Requirements
  3. Setup
  4. Usage

##Overview

This module provides a set of functions to describe file content from eyaml encrypted sources.

##Requirements

The functions in this module require that the hiera-eyaml gem is installed and keys generated. The backend does not need to be in use. The location of the public and private keys are read from either a separate config or the hiera.yaml file.

##Setup

Non-Hiera Setup

Place a file at $environmentpath/$environment/eyaml.yaml with the location of they keys such as:

---
:eyaml:
  :pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7.pem
  :pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7.pem
  #Optional
  other:
    :pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7_other.pem
    :pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7_other.pem

Follow the same guidelines for key permissions listed for the hiera-eyaml gem.

Hiera Setup

Follow the setup procedure for the hiera-eyaml gem Hiera configuration. Public and private key locations will be read from hiera.yaml as long as no file at $environmentpath/$environment/eyaml.yaml exists.

##Usage

eyaml_string

Converts an eyaml encrypted string to plain-text.

Examples:

eyaml_string('ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEA0G2Cl2yCPlMsXkj3KOzMYO+kyXdSIoVad533Gr1FQaU7VqpM+rbt7CYM5WytFNYotsYyqxoSW3pGKKGxHL9f0c4q+xGZHV1GaHoR4rCnTps6fpyWVENkQJPZoEKi/fHSN2y+TryCf7Bt+3WRumkspZtUiZ0sG5G0kC80ssrDbbm2mSxwcZ1AvfEozcrCtCHJr3qxmFMEkHvhpW/roumuyhlgwhre6tkE7gqyntFrAR5Hzlt0Mk83Fg345qyKh/aq3iAv412/GgbKhFlHtMDcfW2y5ntZozuyvG7W73HQ64snRNR9JLUzZuhm0o/YQfUYFoSQIQIdi/TxCXb6nIZ46DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD5w0KZx5jxul3GUbSUXpvDgBCO/6XLdwlHb16bagi0igXf]')
# return: "hello"

# Using another key pair
eyaml_string('ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEA0G2Cl2yCPlMsXkj3KOzMYO+kyXdSIoVad533Gr1FQaU7VqpM+rbt7CYM5WytFNYotsYyqxoSW3pGKKGxHL9f0c4q+xGZHV1GaHoR4rCnTps6fpyWVENkQJPZoEKi/fHSN2y+TryCf7Bt+3WRumkspZtUiZ0sG5G0kC80ssrDbbm2mSxwcZ1AvfEozcrCtCHJr3qxmFMEkHvhpW/roumuyhlgwhre6tkE7gqyntFrAR5Hzlt0Mk83Fg345qyKh/aq3iAv412/GgbKhFlHtMDcfW2y5ntZozuyvG7W73HQ64snRNR9JLUzZuhm0o/YQfUYFoSQIQIdi/TxCXb6nIZ46DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD5w0KZx5jxul3GUbSUXpvDgBCO/6XLdwlHb16bagi0igXf]', 'other')
# return: "hello"

Type: rvalue.

eyaml_file

Converts an eyaml encrypted file to plain-text.

Examples:

# Assume /tmp/test.txt contains only the string in the above example
eyaml_file('/tmp/test.txt')
# return: "hello"

# Assume $modulepath/foo/files/test.txt contains only the string in the above example
eyaml_file('foo/test.txt')
# return: "hello"

# Using another key pair
eyaml_file('/tmp/test.txt', 'other')
# return: "hello"

Type: rvalue.

Notes

If an alternate key pair is not given or the string given cannot be found, the default key bill be used.