kwadronaut [Sun, 24 Jul 2016 22:44:22 +0000 (00:44 +0200)]
mixed up trocla and puppet_trocla repos, sorry
mh [Sat, 18 Jun 2016 15:37:26 +0000 (17:37 +0200)]
ignore pkg
mh [Sat, 18 Jun 2016 15:37:08 +0000 (17:37 +0200)]
make it run on 1.8.7
mh [Sat, 18 Jun 2016 10:36:33 +0000 (12:36 +0200)]
release a new version
mh [Tue, 7 Jun 2016 20:37:34 +0000 (22:37 +0200)]
add travis icon
mh [Tue, 7 Jun 2016 19:59:33 +0000 (21:59 +0200)]
keep trocla object around - addresses #18
Per puppet function call we now created a new Trocla object. This
is a) a very naive approach and b) obviously can lead to a lot of
inefficiency as we for example need to build up trocla each time
again. Also this means that we are running into problems like
opening a connection to a database system each time a trocla
lookup is done (and we never close the connection :-/).
The proper way to solve this is to make sure we don't create too
many trocla objects. With this change, we should now create once
a global trocla object PER puppet(-master/-server) process and
keep it around for the life time of such a process.
mh [Tue, 7 Jun 2016 19:59:18 +0000 (21:59 +0200)]
whitespace cleanup
mh [Sun, 29 May 2016 12:11:31 +0000 (14:11 +0200)]
a final release
mh [Sun, 22 May 2016 16:39:23 +0000 (18:39 +0200)]
Merge branch 'master' of https://git-ipuppet.immerda.ch/module-trocla
mh [Sun, 27 Mar 2016 15:15:40 +0000 (17:15 +0200)]
make a ca by default very very long
mh [Sun, 27 Mar 2016 10:32:49 +0000 (12:32 +0200)]
make it 1.8.7 compatible
mh [Sun, 27 Mar 2016 10:30:32 +0000 (12:30 +0200)]
improve travis integration
mh [Sun, 27 Mar 2016 10:30:22 +0000 (12:30 +0200)]
make it work on ruby 1.8.7
mh [Fri, 29 Jan 2016 18:33:23 +0000 (19:33 +0100)]
make sure we manage things after the package
mh [Fri, 29 Jan 2016 18:14:12 +0000 (19:14 +0100)]
also manage directory as puppet user needs write perms as well
mh [Wed, 27 Jan 2016 23:55:26 +0000 (00:55 +0100)]
update module to make it work with all the new features of trocla 0.2.2
mh [Tue, 22 Dec 2015 10:51:17 +0000 (11:51 +0100)]
Fix #17 - point to @ZeroPointEnergy's hiera-backend
duritong [Wed, 21 Oct 2015 20:44:23 +0000 (22:44 +0200)]
Merge pull request #16 from michaelweiser/qr2
Fix configfile error in hiera backend
Michael Weiser [Tue, 20 Oct 2015 16:31:10 +0000 (18:31 +0200)]
Fix configfile error in hiera backend
Get path to configuration file from config hash to avoid undefined
variable error.
mh [Sun, 18 Oct 2015 16:18:14 +0000 (18:18 +0200)]
cleanup and simplifaction
* refactoring code for simplicity and easier maintenance.
* prefix the format and options config with default_ to better
represent their intention.
duritong [Sun, 18 Oct 2015 15:31:09 +0000 (17:31 +0200)]
Merge pull request #15 from michaelweiser/qr1
Add custom hiera backend for trocla
Michael Weiser [Thu, 1 Oct 2015 15:15:58 +0000 (17:15 +0200)]
Add custom hiera backend for trocla
Only reacts to key namespace trocla::password::<trocla_key>. Looks up
additional parameters via hiera itself as
trocla::options::<trocla_key>::format (string) and
trocla::options::<trocla_key>::options (hash). Looks for <trocla_key> in
trocla as hiera/<source>/<trocla> with <source> iterating over the
configured hiera hierarchy. If not found, creates and returns a new
password with trocla key <trocla_key>.
example entry in hiera.yaml:
backends:
- ...
- trocla
trocla:
- configfile: /etc/puppet/troclarc.yaml
- format: plain
- options:
length: 16
example usage in hiera yaml file:
kerberos::kdc_database_password: "%{hiera('trocla::password::kdc_database_password')}"
trocla::options::kdc_database_password::format: 'plain'
trocla::options::kdc_database_password::options:
length: '71'
mh [Sat, 26 Sep 2015 10:02:00 +0000 (12:02 +0200)]
Merge branch 'master' of git.puppet.immerda.ch:module-trocla
mh [Fri, 18 Sep 2015 16:16:27 +0000 (18:16 +0200)]
if the provider is not gem we should name the package correctly
mh [Wed, 12 Aug 2015 06:48:24 +0000 (08:48 +0200)]
Fix #14 - allow trocla_get not to raise an error if nothing is found
Up to now we raised an error if nothing was found while using
trocla_get. The main idea was to ensure that typos in the key/format
are easily spotted and not overlooked as no password being returned
usually indicates that something is wrong.
As outlined in #14 there are use cases where it makes sense to not
have this behavior.
This change allows us to suppress the error raising and just return
the puppet undef if nothing is found.
mh [Wed, 12 Aug 2015 06:42:35 +0000 (08:42 +0200)]
whitespace cleanup
mh [Sun, 24 May 2015 16:13:44 +0000 (18:13 +0200)]
release lated version, which should have now fixed all the permissions
mh [Sun, 24 May 2015 16:09:05 +0000 (18:09 +0200)]
release lated version
mh [Sun, 24 May 2015 16:06:56 +0000 (18:06 +0200)]
Merge remote-tracking branch 'github/master'
mh [Sun, 24 May 2015 16:02:38 +0000 (18:02 +0200)]
release new version due to wrong packaging
duritong [Thu, 9 Apr 2015 09:36:48 +0000 (11:36 +0200)]
Merge pull request #12 from timogoebel/feature/encryption_sort
sort ssl_options
Timo Goebel [Thu, 9 Apr 2015 08:52:09 +0000 (10:52 +0200)]
sort ssl_options
duritong [Wed, 8 Apr 2015 08:08:49 +0000 (10:08 +0200)]
Merge pull request #11 from timogoebel/feature/encryption_sort
sort encryption options
Timo Goebel [Thu, 2 Apr 2015 13:04:54 +0000 (15:04 +0200)]
sort encryption options
mh [Sun, 5 Apr 2015 17:21:13 +0000 (19:21 +0200)]
dependencies should either be managed by the package or gem
mh [Sat, 21 Mar 2015 14:49:13 +0000 (15:49 +0100)]
new version
mh [Sat, 21 Mar 2015 14:48:17 +0000 (15:48 +0100)]
Merge remote-tracking branch 'github/master'
duritong [Sun, 1 Mar 2015 19:57:26 +0000 (20:57 +0100)]
Merge pull request #10 from timogoebel/feature/encryption
add support for encryption and ssl_options
Timo Goebel [Sun, 1 Mar 2015 18:13:57 +0000 (19:13 +0100)]
add support for encryption and ssl_options
duritong [Wed, 18 Feb 2015 20:06:42 +0000 (21:06 +0100)]
Merge pull request #9 from michaelweiser/master
Fix dependency handling
Michael Weiser [Mon, 16 Feb 2015 17:29:28 +0000 (18:29 +0100)]
Fix dependency handling
mh [Sat, 24 Jan 2015 20:11:32 +0000 (21:11 +0100)]
moneta dependencies require ruby-devel
mh [Sat, 13 Sep 2014 13:21:45 +0000 (15:21 +0200)]
new release
mh [Thu, 21 Aug 2014 06:49:08 +0000 (08:49 +0200)]
bump to version 0.0.11
mh [Thu, 21 Aug 2014 06:46:22 +0000 (08:46 +0200)]
ensure that we always select a charset
mh [Fri, 27 Jun 2014 17:57:08 +0000 (19:57 +0200)]
Regenerate gemspec for version 0.0.10
mh [Fri, 27 Jun 2014 17:56:35 +0000 (19:56 +0200)]
update version
mh [Fri, 27 Jun 2014 17:30:03 +0000 (19:30 +0200)]
new version
mh [Fri, 27 Jun 2014 17:23:20 +0000 (19:23 +0200)]
Merge branch 'tilya-charset_option'
mh [Fri, 27 Jun 2014 17:22:44 +0000 (19:22 +0200)]
make it possible that formats can query back to trocla itself, so they can lookup other 'keys'
mh [Fri, 27 Jun 2014 17:01:20 +0000 (19:01 +0200)]
add SHA1 base64 encoded format
mh [Fri, 27 Jun 2014 16:59:02 +0000 (18:59 +0200)]
Merge branch 'charset_option' of https://github.com/tilya/trocla into tilya-charset_option
& simplify charset selection
Conflicts:
lib/trocla.rb
lib/trocla/util.rb
mh [Fri, 27 Jun 2014 16:46:49 +0000 (18:46 +0200)]
Merge branch 'asquelt-safechars'
mh [Fri, 27 Jun 2014 16:46:34 +0000 (18:46 +0200)]
Merge branch 'safechars' of https://github.com/asquelt/trocla into asquelt-safechars
Conflicts:
lib/trocla.rb
duritong [Fri, 27 Jun 2014 16:44:55 +0000 (18:44 +0200)]
Merge pull request #14 from asquelt/master
x509 format
Anna Janackova [Tue, 24 Jun 2014 06:09:43 +0000 (08:09 +0200)]
adds charset option for generating plain passwords
asq [Thu, 3 Apr 2014 17:02:02 +0000 (19:02 +0200)]
puppet will convert all values to string, so we need to convert it back to integer for ranges
ie. for this to work:
$short_and_safe = {
'shellsafe' => 'true',
'length' => 6, # THIS WILL BE STRING!
}
$x = trocla('foo', 'plain', $short_and_safe)
notify { "test: $x": }
asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords
basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yeld
problems with default trocla random generator.
this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").
duritong [Thu, 29 May 2014 09:43:38 +0000 (11:43 +0200)]
Merge pull request #16 from tilya/bcrypt_rename
changes bcrypt-ruby to bcrypt in gemspec
Anna Janackova [Tue, 27 May 2014 08:51:07 +0000 (10:51 +0200)]
changes bcrypt-ruby to bcrypt in gemspec
asq [Thu, 3 Apr 2014 17:02:02 +0000 (19:02 +0200)]
puppet will convert all values to string, so we need to convert it back to integer for ranges
ie. for this to work:
$short_and_safe = {
'shellsafe' => 'true',
'length' => 6, # THIS WILL BE STRING!
}
$x = trocla('foo', 'plain', $short_and_safe)
notify { "test: $x": }
asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords
basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yeld
problems with default trocla random generator.
this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").
asq [Thu, 3 Apr 2014 15:15:37 +0000 (17:15 +0200)]
add option to generate shell-safe passwords
basically excludes characters that might be dangerous if used in shell.
many passwords generated by trocla may end up in some sort of bash
scripts (initscripts, sourced shell variables, etc) which may yeld
problems with default trocla random generator.
this can be now changed either in troclarc (with "shellsafe: true")
or on (ie. "trocla create foo plain '{ length: 32, shellsafe: true}'").
asq [Wed, 26 Feb 2014 17:30:03 +0000 (18:30 +0100)]
x509 format - fix test
asq [Wed, 26 Feb 2014 17:10:32 +0000 (18:10 +0100)]
x509 format - fix test
asq [Wed, 26 Feb 2014 17:00:51 +0000 (18:00 +0100)]
x509 format - fixes
asq [Wed, 26 Feb 2014 12:08:04 +0000 (13:08 +0100)]
x509 format
mh [Fri, 17 Jan 2014 16:36:42 +0000 (17:36 +0100)]
fix Gemfile for 2.x
mh [Fri, 17 Jan 2014 15:29:55 +0000 (16:29 +0100)]
test with 2.x version
mh [Sun, 17 Nov 2013 12:17:20 +0000 (13:17 +0100)]
add .gitignore
mh [Thu, 3 Oct 2013 20:45:23 +0000 (22:45 +0200)]
Regenerate gemspec for version 0.0.9
mh [Thu, 3 Oct 2013 20:45:21 +0000 (22:45 +0200)]
release 0.0.9
mh [Wed, 2 Oct 2013 09:32:55 +0000 (11:32 +0200)]
add documentation of the existing functions
mh [Wed, 2 Oct 2013 09:05:34 +0000 (11:05 +0200)]
linting
mh [Wed, 2 Oct 2013 08:32:20 +0000 (10:32 +0200)]
typo
mh [Wed, 2 Oct 2013 08:28:01 +0000 (10:28 +0200)]
Improve the overall experience of the module.
- Extending the README
- Add a trocla::yaml class for a simple quickstart.
- Fixes issues: #4 & #5
mh [Wed, 2 Oct 2013 07:28:54 +0000 (09:28 +0200)]
remove init class, this confused ppl and better readme follows
duritong [Wed, 4 Sep 2013 22:02:11 +0000 (15:02 -0700)]
Merge pull request #3 from justicel/master
Release of 0.0.2 module which includes template base configuration for t...
duritong [Wed, 4 Sep 2013 20:13:36 +0000 (13:13 -0700)]
Merge pull request #9 from ZeroPointEnergy/master
make sure that what we get from the command line is a string
Andreas Zuber [Wed, 4 Sep 2013 16:23:09 +0000 (18:23 +0200)]
make sure that what we get from the command line is a string
mh [Tue, 20 Aug 2013 15:01:37 +0000 (17:01 +0200)]
Merge remote-tracking branch 'github/master'
mh [Tue, 20 Aug 2013 14:57:40 +0000 (16:57 +0200)]
add ssha format
Justice London [Fri, 2 Aug 2013 19:56:32 +0000 (15:56 -0400)]
Change to allow you to define to install rubygem requirements
Justice London [Fri, 12 Jul 2013 22:14:53 +0000 (18:14 -0400)]
Release of 0.0.2 module which includes template base configuration for trocla CLI.
duritong [Thu, 27 Jun 2013 16:47:50 +0000 (09:47 -0700)]
Merge pull request #8 from yath/master
[BUG] Store hashed password supplied via 'set' instead of plaintext
Sebastian Schmidt [Thu, 27 Jun 2013 15:58:54 +0000 (17:58 +0200)]
Save passwords set via 'set' as hash, if asked to.
Trocla doesn't save the hashed password in the data file, even if the
format passed to 'set' is not 'plain':
$ echo foobar | trocla set testuser sha512crypt -p
$ grep -A1 testuser trocla_data.yaml
testuser:
sha512crypt: foobar
duritong [Wed, 20 Mar 2013 20:53:42 +0000 (13:53 -0700)]
Merge pull request #2 from amfranz/master
Compatibility with latest Puppet version (v3.1.0)
Michael Franz Aigner [Thu, 28 Feb 2013 13:17:37 +0000 (08:17 -0500)]
Removing calls to Puppet.features.rubygems?
This makes the Gem usable in the latest Puppet versions.
The handling of RubyGems got revised in Puppet 3.0.1-rc1:
http://projects.puppetlabs.com/issues/16757
The new policy is that either bundler and/or rubygems are guaranteed to
be loaded and initialized when the Puppet manifest is evaluated, making
it unnecessary for Puppet modules to load rubygems.
This new policy broke the puppet-trocla module. This is because
'Puppet.features.rubygems?' always evaluates to false now, which causes
the module to abort the manifest compilation with a message informing
about the necessity of RubyGems to be present.
mh [Fri, 18 Jan 2013 16:55:55 +0000 (17:55 +0100)]
make sed command more explicit so it's clear when copy/paste from rendered markdown
mh [Mon, 14 Jan 2013 22:04:38 +0000 (23:04 +0100)]
linting
mh [Mon, 14 Jan 2013 22:02:47 +0000 (23:02 +0100)]
adapt to new moneta version
mh [Mon, 14 Jan 2013 21:11:07 +0000 (22:11 +0100)]
better markup
mh [Mon, 14 Jan 2013 21:08:41 +0000 (22:08 +0100)]
add note about migrating yaml backend
mh [Mon, 14 Jan 2013 19:49:04 +0000 (20:49 +0100)]
notes about upgrading to 0.0.8
mh [Mon, 14 Jan 2013 19:36:30 +0000 (20:36 +0100)]
Regenerate gemspec for version 0.0.8
mh [Sun, 30 Dec 2012 13:47:00 +0000 (14:47 +0100)]
rearrange format checking
icy [Wed, 9 May 2012 10:33:07 +0000 (17:33 +0700)]
check if format is valid before creating/seting/...
as the old code only checks if the format name is empty, we can set any
kind of key/value in the database. for example, this command will work
without any error reported:
trocla set someuser strange_format
I replace the method miss_format by check_format that should be invoked
before any thing related to format.
mh [Sat, 29 Dec 2012 16:42:38 +0000 (17:42 +0100)]
improve README, get rid off obsolete --pwd-from-stdin
icy [Fri, 4 May 2012 08:41:04 +0000 (15:41 +0700)]
--pwd-from-stdin now can read from STDIN.
You can use pipe to provide multiple line password.
Side effect: you can use trocla to store/retreive any kind of data,
for example, public SSH key for your deployment tool.
The former way of --pwd-from-stdin should be provided by the
option --password / -p. STDIN has a different mean, IMHO.
mh [Fri, 28 Dec 2012 15:32:33 +0000 (16:32 +0100)]
build status