Itamae::Plugin::Resource::EncryptedRemoteFile
encrypt secret data (ex. id_rsa), and forward decrypted file to remote.
This is like to knife-solo_data_bag
Installation
Add this line to your application's Gemfile:
gem 'itamae-plugin-resource-encrypted_remote_file'
And then execute:
$ bundle
Or install it yourself as:
$ gem install itamae-plugin-resource-encrypted_remote_file
Usage
Encrypt data
install reversible_cryptography
gem install reversible_cryptography
reversible_cryptography encrypt --password=PASSWORD --src-file=/path/to/secret_file.txt --dst-file=/pass/to/encrypted_file.txt
Recipe
require "itamae-plugin-resource-encrypted_remote_file"
encrypted_remote_file "/home/deployer/.ssh/id_rsa" do
owner "root"
group "root"
source "remote_files/id_rsa.encrypted"
password ENV["ID_RSA_PASSWORD"]
end
ProTip
Use with dotenv
Gemfile
gem "itamae-plugin-resource-encrypted_remote_file"
gem "dotenv"
.env (don't commit this!)
ID_RSA_PASSWORD=12345678
.gitignore
.env
your_recipe.rb
require 'dotenv'
Dotenv.load
ENV["ID_RSA_PASSWORD"]
#=> "12345678"
encrypted_remote_file "/home/deployer/.ssh/id_rsa" do
owner "root"
group "root"
source "remote_files/id_rsa.encrypted"
password ENV["ID_RSA_PASSWORD"]
end
Development
After checking out the repo, run bin/setup to install dependencies. Then, run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release to create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Contributing
- Fork it ( https://github.com/sue445/itamae-plugin-resource-encrypted_remote_file/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request