Class: Handsomefencer::Environment::Crypto

Inherits:

Object

• Object
• Handsomefencer::Environment::Crypto

Defined in:

lib/handsomefencer/environment/crypto.rb

Instance Method Summary

• #decrypt(file) ⇒ Object
• #encrypt(file) ⇒ Object
• #expose(directory = nil, extension = nil) ⇒ Object
• #get_deploy_key ⇒ Object
• #ignore_sensitive_files ⇒ Object
• #initialize ⇒ Crypto constructor

  A new instance of Crypto.

• #obfuscate(directory = nil, extension = nil) ⇒ Object
• #read_deploy_key ⇒ Object
• #save_deploy_key ⇒ Object
• #source_files(directory = nil, extension = nil) ⇒ Object

Constructor Details

#initialize ⇒ Crypto

Returns a new instance of Crypto.

# File 'lib/handsomefencer/environment/crypto.rb', line 6

def initialize
  @cipher = OpenSSL::Cipher.new 'AES-128-CBC'
  @salt = '8 octets'
  get_deploy_key
end

Instance Method Details

#decrypt(file) ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 45

def decrypt(file)
  encrypted = Base64.decode64 File.read(file)
  @cipher.decrypt.pkcs5_keyivgen @pass_phrase, @salt
  decrypted = @cipher.update(encrypted) + @cipher.final
  decrypted_file = file.split('.enc').first
  write_to_file decrypted, decrypted_file
end

#encrypt(file) ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 39

def encrypt(file)
  @cipher.encrypt.pkcs5_keyivgen @pass_phrase, @salt
  encrypted = @cipher.update(File.read file) + @cipher.final
  write_to_file(Base64.encode64(encrypted), file + '.enc')
end

#expose(directory = nil, extension = nil) ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 64

def expose(directory=nil, extension=nil)
  extension = extension || '.env.enc'
  directory = directory || '.env'
  source_files(directory, extension).each { |file| decrypt(file) }
end

#get_deploy_key ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 12

def get_deploy_key
  if ENV['DEPLOY_KEY'].nil?
    @pass_phrase = read_deploy_key.nil? ? save_deploy_key : read_deploy_key
  else
    @pass_phrase = ENV['DEPLOY_KEY']
  end
end

#ignore_sensitive_files ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 27

def ignore_sensitive_files
  ["/#{dkfile}", "/.env/*"].each do |pattern|
    unless File.read('.gitignore').match pattern
      open('.gitignore', 'a') { |f| f << pattern }
    end
  end
end

#obfuscate(directory = nil, extension = nil) ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 58

def obfuscate(directory=nil, extension=nil)
  extension = extension || '.env'
  directory = directory || '.env'
  source_files(directory, extension).each { |file| encrypt file }
end

#read_deploy_key ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 35

def read_deploy_key
  File.exist?(dkfile) ? Base64.decode64(File.read dkfile) : nil
end

#save_deploy_key ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 20

def save_deploy_key
  @new_key = @cipher.random_key
  write_to_file Base64.encode64(@new_key), dkfile
  ignore_sensitive_files
  read_deploy_key
end

#source_files(directory = nil, extension = nil) ⇒ Object

# File 'lib/handsomefencer/environment/crypto.rb', line 53

def source_files(directory=nil, extension=nil)
  default = Dir.glob(".env/**/*#{extension}")
  directory.nil? ? default : Dir.glob(directory + "/**/*#{extension}")
end