mirror of
https://github.com/netzbegruenung/passbolt-salt
synced 2024-05-05 13:53:40 +02:00
Update README, example
This commit is contained in:
parent
d28de9a8f0
commit
73026a1ebd
2
LICENSE
2
LICENSE
|
@ -1,6 +1,6 @@
|
||||||
MIT License
|
MIT License
|
||||||
|
|
||||||
Copyright (c) 2020 netzbegruenung
|
Copyright (c) 2022 netzbegruenung
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
|
15
README.md
15
README.md
|
@ -2,28 +2,29 @@
|
||||||
This Python module retrieves passwords for Passbolt groups to make them available in Saltstack Pillar.
|
This Python module retrieves passwords for Passbolt groups to make them available in Saltstack Pillar.
|
||||||
|
|
||||||
# License
|
# License
|
||||||
MIT
|
[MIT](LICENSE)
|
||||||
|
|
||||||
# Setup
|
# Setup
|
||||||
|
|
||||||
1. Clone this repo
|
1. Clone this repo
|
||||||
|
|
||||||
2. Go to directory, run (requires `python3-setuptools`)
|
2. Go to directory, run (requires `python3-setuptools`)
|
||||||
```
|
```shell
|
||||||
python3 setup.py install
|
python3 setup.py install
|
||||||
```
|
```
|
||||||
|
This will install this module and its dependencies.
|
||||||
|
|
||||||
3. Create an Passbolt account for the Salt master.
|
3. Create an Passbolt account for the Salt master.
|
||||||
|
|
||||||
4. Copy the private and public PGP key files to `/etc/salt`.
|
4. Copy the private and public PGP key files to `/etc/salt`.
|
||||||
|
|
||||||
5. Import the private key with
|
5. Import the private key with
|
||||||
```
|
```shell
|
||||||
gpg --import /etc/salt/passbolt_private.asc
|
gpg --import /etc/salt/passbolt_private.asc
|
||||||
```
|
```
|
||||||
|
|
||||||
6. Create a `/etc/salt/passbolt.ini` file with the following content:
|
6. Create a `/etc/salt/passbolt.ini` file with the following content:
|
||||||
```
|
```ini
|
||||||
[PASSBOLT]
|
[PASSBOLT]
|
||||||
SERVER = https://passbolt.example.com
|
SERVER = https://passbolt.example.com
|
||||||
#SERVER_PUBLIC_KEY_FILE = <optional: server_public.asc>
|
#SERVER_PUBLIC_KEY_FILE = <optional: server_public.asc>
|
||||||
|
@ -34,13 +35,13 @@ MIT
|
||||||
```
|
```
|
||||||
|
|
||||||
7. Change file permissions:
|
7. Change file permissions:
|
||||||
```
|
```shell
|
||||||
chown salt /etc/salt/passbolt*
|
chown salt /etc/salt/passbolt*
|
||||||
chmod 600 /etc/salt/passbolt*
|
chmod 600 /etc/salt/passbolt*
|
||||||
```
|
```
|
||||||
|
|
||||||
8. Create Pillar sls files for the different Salt minions. Use the example below as content for the sls files and replace the group UUID. Hint: you can find the group UUID in the URL of the Passbolt admin interface when editing a group.
|
8. Create Pillar sls files for the different Salt minions. Use the example below as content for the sls files and replace the group UUID. Hint: you can find the group UUID in the URL of the Passbolt admin interface when editing a group.
|
||||||
```
|
```python
|
||||||
#!py
|
#!py
|
||||||
def run():
|
def run():
|
||||||
from salt_passbolt import fetch_passbolt_passwords
|
from salt_passbolt import fetch_passbolt_passwords
|
||||||
|
@ -55,7 +56,7 @@ MIT
|
||||||
# YAML Replacement Structure
|
# YAML Replacement Structure
|
||||||
|
|
||||||
If the Passbolt server is not available, for example during local development, a file with the following format can replace the Python code mentioned in step 8:
|
If the Passbolt server is not available, for example during local development, a file with the following format can replace the Python code mentioned in step 8:
|
||||||
```
|
```yaml
|
||||||
passbolt:
|
passbolt:
|
||||||
3ec2a739-8e51-4c67-89fb-4bbfe9147e17: MY_SECRET
|
3ec2a739-8e51-4c67-89fb-4bbfe9147e17: MY_SECRET
|
||||||
```
|
```
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
#!py
|
|
||||||
fetch_passbolt_passwords("27b9abd4-af9b-4c9e-9af1-cf8cb963680c")
|
|
||||||
|
|
4
example/pillars/passbolt/pwgroup.sls
Normal file
4
example/pillars/passbolt/pwgroup.sls
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
#!py
|
||||||
|
def run():
|
||||||
|
from salt_passbolt import fetch_passbolt_passwords
|
||||||
|
return fetch_passbolt_passwords("27b9abd4-af9b-4c9e-9af1-cf8cb963680c")
|
|
@ -1,4 +1,3 @@
|
||||||
base:
|
base:
|
||||||
'myappserver*':
|
'myappserver.example.com':
|
||||||
- passbolt.myapp
|
- passbolt.pwgroup
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
base:
|
base:
|
||||||
'*':
|
'*':
|
||||||
- important_secrets
|
- important_secrets
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue