puppet_trocla.git
kwadronaut [Sun, 24 Jul 2016 22:44:22 +0000 (00:44 +0200)]
mixed up trocla and puppet_trocla repos, sorry

mh [Sat, 18 Jun 2016 15:37:26 +0000 (17:37 +0200)]
ignore pkg

mh [Sat, 18 Jun 2016 15:37:08 +0000 (17:37 +0200)]
make it run on 1.8.7

mh [Sat, 18 Jun 2016 10:36:33 +0000 (12:36 +0200)]
release a new version

mh [Tue, 7 Jun 2016 20:37:34 +0000 (22:37 +0200)]
add travis icon

mh [Tue, 7 Jun 2016 19:59:33 +0000 (21:59 +0200)]
keep trocla object around - addresses #18

Per puppet function call we now created a new Trocla object. This
is a) a very naive approach and b) obviously can lead to a lot of
inefficiency as we for example need to build up trocla each time
again. Also this means that we are running into problems like
opening a connection to a database system each time a trocla
lookup is done (and we never close the connection :-/).

The proper way to solve this is to make sure we don't create too
many trocla objects. With this change, we should now create once
a global trocla object PER puppet(-master/-server) process and
keep it around for the life time of such a process.

mh [Tue, 7 Jun 2016 19:59:18 +0000 (21:59 +0200)]
whitespace cleanup

mh [Sun, 29 May 2016 12:11:31 +0000 (14:11 +0200)]
a final release

mh [Sun, 22 May 2016 16:39:23 +0000 (18:39 +0200)]
Merge branch 'master' of https://git-ipuppet.immerda.ch/module-trocla

mh [Sun, 27 Mar 2016 15:15:40 +0000 (17:15 +0200)]
make a ca by default very very long

mh [Sun, 27 Mar 2016 10:32:49 +0000 (12:32 +0200)]
make it 1.8.7 compatible

mh [Sun, 27 Mar 2016 10:30:32 +0000 (12:30 +0200)]
improve travis integration

mh [Sun, 27 Mar 2016 10:30:22 +0000 (12:30 +0200)]
make it work on ruby 1.8.7

mh [Fri, 29 Jan 2016 18:33:23 +0000 (19:33 +0100)]
make sure we manage things after the package

mh [Fri, 29 Jan 2016 18:14:12 +0000 (19:14 +0100)]
also manage directory as puppet user needs write perms as well

mh [Wed, 27 Jan 2016 23:55:26 +0000 (00:55 +0100)]
update module to make it work with all the new features of trocla 0.2.2

mh [Tue, 22 Dec 2015 10:51:17 +0000 (11:51 +0100)]
Fix #17 - point to @ZeroPointEnergy's hiera-backend

duritong [Wed, 21 Oct 2015 20:44:23 +0000 (22:44 +0200)]
Merge pull request #16 from michaelweiser/qr2

Fix configfile error in hiera backend

Michael Weiser [Tue, 20 Oct 2015 16:31:10 +0000 (18:31 +0200)]
Fix configfile error in hiera backend

Get path to configuration file from config hash to avoid undefined
variable error.

mh [Sun, 18 Oct 2015 16:18:14 +0000 (18:18 +0200)]
cleanup and simplification

* refactoring code for simplicity and easier maintenance.
* prefix the format and options config with default_ to better
  represent their intention.

duritong [Sun, 18 Oct 2015 15:31:09 +0000 (17:31 +0200)]
Merge pull request #15 from michaelweiser/qr1

Add custom hiera backend for trocla

Michael Weiser [Thu, 1 Oct 2015 15:15:58 +0000 (17:15 +0200)]
Add custom hiera backend for trocla

Only reacts to key namespace trocla::password::<trocla_key>. Looks up
additional parameters via hiera itself as
trocla::options::<trocla_key>::format (string) and
trocla::options::<trocla_key>::options (hash). Looks for <trocla_key> in
trocla as hiera/<source>/<trocla> with <source> iterating over the
configured hiera hierarchy. If not found, creates and returns a new
password with trocla key <trocla_key>.

example entry in hiera.yaml:
backends:
  - ...
  - trocla
trocla:
  - configfile: /etc/puppet/troclarc.yaml
  - format: plain
  - options:
    length: 16

example usage in hiera yaml file:
kerberos::kdc_database_password: "%{hiera('trocla::password::kdc_database_password')}"
trocla::options::kdc_database_password::format: 'plain'
trocla::options::kdc_database_password::options:
  length: '71'

mh [Sat, 26 Sep 2015 10:02:00 +0000 (12:02 +0200)]
Merge branch 'master' of git.puppet.immerda.ch:module-trocla

mh [Fri, 18 Sep 2015 16:16:27 +0000 (18:16 +0200)]
if the provider is not gem we should name the package correctly

mh [Wed, 12 Aug 2015 06:48:24 +0000 (08:48 +0200)]
Fix #14 - allow trocla_get not to raise an error if nothing is found

Up to now we raised an error if nothing was found while using
trocla_get. The main idea was to ensure that typos in the key/format
are easily spotted and not overlooked as no password being returned
usually indicates that something is wrong.
As outlined in #14 there are use cases where it makes sense to not
have this behavior.
This change allows us to suppress the error raising and just return
the puppet undef if nothing is found.

mh [Wed, 12 Aug 2015 06:42:35 +0000 (08:42 +0200)]
whitespace cleanup

mh [Sun, 24 May 2015 16:13:44 +0000 (18:13 +0200)]
release latest version, which should have now fixed all the permissions

mh [Sun, 24 May 2015 16:09:05 +0000 (18:09 +0200)]
release latest version

mh [Sun, 24 May 2015 16:06:56 +0000 (18:06 +0200)]
Merge remote-tracking branch 'github/master'

mh [Sun, 24 May 2015 16:02:38 +0000 (18:02 +0200)]
release new version due to wrong packaging

duritong [Thu, 9 Apr 2015 09:36:48 +0000 (11:36 +0200)]
Merge pull request #12 from timogoebel/feature/encryption_sort

sort ssl_options

Timo Goebel [Thu, 9 Apr 2015 08:52:09 +0000 (10:52 +0200)]
sort ssl_options

duritong [Wed, 8 Apr 2015 08:08:49 +0000 (10:08 +0200)]
Merge pull request #11 from timogoebel/feature/encryption_sort

sort encryption options

Timo Goebel [Thu, 2 Apr 2015 13:04:54 +0000 (15:04 +0200)]
sort encryption options

mh [Sun, 5 Apr 2015 17:21:13 +0000 (19:21 +0200)]
dependencies should either be managed by the package or gem

mh [Sat, 21 Mar 2015 14:49:13 +0000 (15:49 +0100)]
new version

mh [Sat, 21 Mar 2015 14:48:17 +0000 (15:48 +0100)]
Merge remote-tracking branch 'github/master'

duritong [Sun, 1 Mar 2015 19:57:26 +0000 (20:57 +0100)]
Merge pull request #10 from timogoebel/feature/encryption

add support for encryption and ssl_options

Timo Goebel [Sun, 1 Mar 2015 18:13:57 +0000 (19:13 +0100)]
add support for encryption and ssl_options

duritong [Wed, 18 Feb 2015 20:06:42 +0000 (21:06 +0100)]
Merge pull request #9 from michaelweiser/master

Fix dependency handling

Michael Weiser [Mon, 16 Feb 2015 17:29:28 +0000 (18:29 +0100)]
Fix dependency handling

mh [Sat, 24 Jan 2015 20:11:32 +0000 (21:11 +0100)]
moneta dependencies require ruby-devel

mh [Sat, 13 Sep 2014 13:21:45 +0000 (15:21 +0200)]
new release

mh [Thu, 21 Aug 2014 06:49:08 +0000 (08:49 +0200)]
bump to version 0.0.11

mh [Thu, 21 Aug 2014 06:46:22 +0000 (08:46 +0200)]
ensure that we always select a charset

mh [Fri, 27 Jun 2014 17:57:08 +0000 (19:57 +0200)]
Regenerate gemspec for version 0.0.10

mh [Fri, 27 Jun 2014 17:56:35 +0000 (19:56 +0200)]
update version

mh [Fri, 27 Jun 2014 17:30:03 +0000 (19:30 +0200)]
new version

mh [Fri, 27 Jun 2014 17:23:20 +0000 (19:23 +0200)]
Merge branch 'tilya-charset_option'

mh [Fri, 27 Jun 2014 17:22:44 +0000 (19:22 +0200)]
make it possible that formats can query back to trocla itself, so they can lookup other 'keys'

mh [Fri, 27 Jun 2014 17:01:20 +0000 (19:01 +0200)]
add SHA1 base64 encoded format

mh [Fri, 27 Jun 2014 16:59:02 +0000 (18:59 +0200)]
Merge branch 'charset_option' of https://github.com/tilya/trocla into tilya-charset_option

& simplify charset selection

Conflicts:
lib/trocla.rb
lib/trocla/util.rb

mh [Fri, 27 Jun 2014 16:46:49 +0000 (18:46 +0200)]
Merge branch 'asquelt-safechars'

mh [Fri, 27 Jun 2014 16:46:34 +0000 (18:46 +0200)]
Merge branch 'safechars' of https://github.com/asquelt/trocla into asquelt-safechars

Conflicts:
lib/trocla.rb

duritong [Fri, 27 Jun 2014 16:44:55 +0000 (18:44 +0200)]
Merge pull request #14 from asquelt/master

x509 format

Anna Janackova [Tue, 24 Jun 2014 06:09:43 +0000 (08:09 +0200)]
adds charset option for generating plain passwords

asq [Thu, 3 Apr 2014 17:02:02 +0000 (19:02 +0200)]
puppet will convert all values to string, so we need to convert it back to integer for ranges

ie. for this to work:

$short_and_safe = {
                    'shellsafe' => 'true',
                    'length' => 6, # THIS WILL BE STRING!
                  }
$x = trocla('foo', 'plain', $short_and_safe)
notify { "test: $x": }

asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords

basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yield
problems with default trocla random generator.

this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").

duritong [Thu, 29 May 2014 09:43:38 +0000 (11:43 +0200)]
Merge pull request #16 from tilya/bcrypt_rename

changes bcrypt-ruby to bcrypt in gemspec

Anna Janackova [Tue, 27 May 2014 08:51:07 +0000 (10:51 +0200)]
changes bcrypt-ruby to bcrypt in gemspec

asq [Thu, 3 Apr 2014 17:02:02 +0000 (19:02 +0200)]
puppet will convert all values to string, so we need to convert it back to integer for ranges

ie. for this to work:

$short_and_safe = {
                    'shellsafe' => 'true',
                    'length' => 6, # THIS WILL BE STRING!
                  }
$x = trocla('foo', 'plain', $short_and_safe)
notify { "test: $x": }

asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords

basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yield
problems with default trocla random generator.

this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").

asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords

basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yield
problems with default trocla random generator.

this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").

asq [Wed, 26 Feb 2014 17:30:03 +0000 (18:30 +0100)]
x509 format - fix test

asq [Wed, 26 Feb 2014 17:10:32 +0000 (18:10 +0100)]
x509 format - fix test

asq [Wed, 26 Feb 2014 17:00:51 +0000 (18:00 +0100)]
x509 format - fixes

asq [Wed, 26 Feb 2014 12:08:04 +0000 (13:08 +0100)]
x509 format

mh [Fri, 17 Jan 2014 16:36:42 +0000 (17:36 +0100)]
fix Gemfile for 2.x

mh [Fri, 17 Jan 2014 15:29:55 +0000 (16:29 +0100)]
test with 2.x version

mh [Sun, 17 Nov 2013 12:17:20 +0000 (13:17 +0100)]
add .gitignore

mh [Thu, 3 Oct 2013 20:45:23 +0000 (22:45 +0200)]
Regenerate gemspec for version 0.0.9

mh [Thu, 3 Oct 2013 20:45:21 +0000 (22:45 +0200)]
release 0.0.9

mh [Wed, 2 Oct 2013 09:32:55 +0000 (11:32 +0200)]
add documentation of the existing functions

mh [Wed, 2 Oct 2013 09:05:34 +0000 (11:05 +0200)]
linting

mh [Wed, 2 Oct 2013 08:32:20 +0000 (10:32 +0200)]
typo

mh [Wed, 2 Oct 2013 08:28:01 +0000 (10:28 +0200)]
Improve the overall experience of the module.

- Extending the README
- Add a trocla::yaml class for a simple quickstart.
- Fixes issues: #4 & #5

mh [Wed, 2 Oct 2013 07:28:54 +0000 (09:28 +0200)]
remove init class, this confused ppl and better readme follows

duritong [Wed, 4 Sep 2013 22:02:11 +0000 (15:02 -0700)]
Merge pull request #3 from justicel/master

Release of 0.0.2 module which includes template base configuration for t...

duritong [Wed, 4 Sep 2013 20:13:36 +0000 (13:13 -0700)]
Merge pull request #9 from ZeroPointEnergy/master

make sure that what we get from the command line is a string

Andreas Zuber [Wed, 4 Sep 2013 16:23:09 +0000 (18:23 +0200)]
make sure that what we get from the command line is a string

mh [Tue, 20 Aug 2013 15:01:37 +0000 (17:01 +0200)]
Merge remote-tracking branch 'github/master'

mh [Tue, 20 Aug 2013 14:57:40 +0000 (16:57 +0200)]
add ssha format

Justice London [Fri, 2 Aug 2013 19:56:32 +0000 (15:56 -0400)]
Change to allow you to define to install rubygem requirements

Justice London [Fri, 12 Jul 2013 22:14:53 +0000 (18:14 -0400)]
Release of 0.0.2 module which includes template base configuration for trocla CLI.

duritong [Thu, 27 Jun 2013 16:47:50 +0000 (09:47 -0700)]
Merge pull request #8 from yath/master

[BUG] Store hashed password supplied via 'set' instead of plaintext

Sebastian Schmidt [Thu, 27 Jun 2013 15:58:54 +0000 (17:58 +0200)]
Save passwords set via 'set' as hash, if asked to.

Trocla doesn't save the hashed password in the data file, even if the
format passed to 'set' is not 'plain':

$ echo foobar | trocla set testuser sha512crypt -p

$ grep -A1 testuser trocla_data.yaml
testuser:
  sha512crypt: foobar

duritong [Wed, 20 Mar 2013 20:53:42 +0000 (13:53 -0700)]
Merge pull request #2 from amfranz/master

Compatibility with latest Puppet version (v3.1.0)

Michael Franz Aigner [Thu, 28 Feb 2013 13:17:37 +0000 (08:17 -0500)]
Removing calls to Puppet.features.rubygems?

This makes the Gem usable in the latest Puppet versions.

The handling of RubyGems got revised in Puppet 3.0.1-rc1:
  http://projects.puppetlabs.com/issues/16757

The new policy is that either bundler and/or rubygems are guaranteed to
be loaded and initialized when the Puppet manifest is evaluated, making
it unnecessary for Puppet modules to load rubygems.

This new policy broke the puppet-trocla module. This is because
'Puppet.features.rubygems?' always evaluates to false now, which causes
the module to abort the manifest compilation with a message informing
about the necessity of RubyGems to be present.

mh [Fri, 18 Jan 2013 16:55:55 +0000 (17:55 +0100)]
make sed command more explicit so it's clear when copy/paste from rendered markdown

mh [Mon, 14 Jan 2013 22:04:38 +0000 (23:04 +0100)]
linting

mh [Mon, 14 Jan 2013 22:02:47 +0000 (23:02 +0100)]
adapt to new moneta version

mh [Mon, 14 Jan 2013 21:11:07 +0000 (22:11 +0100)]
better markup

mh [Mon, 14 Jan 2013 21:08:41 +0000 (22:08 +0100)]
add note about migrating yaml backend

mh [Mon, 14 Jan 2013 19:49:04 +0000 (20:49 +0100)]
notes about upgrading to 0.0.8

mh [Mon, 14 Jan 2013 19:36:30 +0000 (20:36 +0100)]
Regenerate gemspec for version 0.0.8

mh [Sun, 30 Dec 2012 13:47:00 +0000 (14:47 +0100)]
rearrange format checking

icy [Wed, 9 May 2012 10:33:07 +0000 (17:33 +0700)]
check if format is valid before creating/setting/...

as the old code only checks if the format name is empty, we can set any
kind of key/value in the database. for example, this command will work
without any error reported:

    trocla set someuser strange_format

I replace the method miss_format by check_format that should be invoked
before anything related to format.

mh [Sat, 29 Dec 2012 16:42:38 +0000 (17:42 +0100)]
improve README, get rid of obsolete --pwd-from-stdin

icy [Fri, 4 May 2012 08:41:04 +0000 (15:41 +0700)]
--pwd-from-stdin now can read from STDIN.

You can use pipe to provide multiple line password.
Side effect: you can use trocla to store/retrieve any kind of data,
for example, public SSH key for your deployment tool.

The former way of --pwd-from-stdin should be provided by the
option --password / -p. STDIN has a different meaning, IMHO.

mh [Fri, 28 Dec 2012 15:32:33 +0000 (16:32 +0100)]
build status