vault_tools

pdk
Vault utils, provides usefull functions and resource types

114 downloads

94 latest version

3.1 quality score

Version information

  • 0.2.0 (latest)
  • 0.1.0 (deleted)
released Oct 5th 2024
This version is compatible with:
  • Puppet Enterprise 2025.4.x, 2025.3.x, 2025.2.x, 2025.1.x, 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2021.7.x
  • Puppet >= 7.24 < 9.0.0
  • CentOS
    ,
    OracleLinux
    ,
    RedHat
    ,
    Scientific
    ,
    Rocky
    ,
    AlmaLinux
    ,
    Debian
    ,
    Ubuntu
    ,
    Fedora

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'none0nfg-vault_tools', '0.2.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add none0nfg-vault_tools
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install none0nfg-vault_tools --version 0.2.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

none0nfg/vault_tools — version 0.2.0 Oct 5th 2024

vault_tools

Table of Contents

  1. Description
  2. Setup - The basics of getting started with vault_tools
  3. Usage - Configuration options and additional functionality
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

Provides usefull utils for vault. Such as:

  • sync vault secrets with files

Developers suggest to render manifests of this module on serverside, so it's easy to manage credentials for vault. Simply add ENVs to /etc/puppetlabs/puppetserver/conf.d/puppetserver.conf as described here, in docs.

Setup

Beginning with vault_tools

To install this module you can simply follow default instructions:

Add following line into your Puppetfile:

mod 'none0nfg-vault_tools', '<VERSION>'

or manually

puppet module install none0nfg-vault_tools --version <VERSION>

Usage

Just sync some secret from vault to filesystem

vault_tools::vault_file_sync { 'secret/data/certs':
  dest => '/etc/ssl',
  file_specs => {
    owner => 'nginx',
    group => 'nginx',
    mode  => '0664'
  },
  vault_client => {approle_path_segment => 'v1/auth/approle/'},
}

Current example will produce each key of 'secret/data/certs' as file, using key as a filename, and content will be the values of that keys

Remeber that approle_path_segment shoud ends with / or it will raise a error.

Limitations

No specific limitations

Development

There is no way to contribute for now.