Class: ManageIQ::ApplianceConsole::KeyConfiguration

Inherits:

Object

• Object
• ManageIQ::ApplianceConsole::KeyConfiguration

Includes:

ManageiqUserMixin

Defined in:

lib/manageiq/appliance_console/key_configuration.rb

Instance Attribute Summary

• #action ⇒ Object

  Returns the value of attribute action.

• #force ⇒ Object

  Returns the value of attribute force.

• #host ⇒ Object

  Returns the value of attribute host.

• #key_path ⇒ Object

  Returns the value of attribute key_path.

• #login ⇒ Object

  Returns the value of attribute login.

• #password ⇒ Object

  Returns the value of attribute password.

Instance Method Summary

• #activate ⇒ Object
• #ask_question_loop ⇒ Object
• #ask_questions ⇒ Object
• #create_key ⇒ Object
• #fetch_key ⇒ Object
• #fetch_key? ⇒ Boolean
• #initialize(options = {}) ⇒ KeyConfiguration constructor

  A new instance of KeyConfiguration.

• #key_exist? ⇒ Boolean
• #remove_new_key_if_any ⇒ Object
• #save_new_key ⇒ Object

Methods included from ManageiqUserMixin

#manageiq_gid, #manageiq_uid

Constructor Details

#initialize(options = {}) ⇒ KeyConfiguration

Returns a new instance of KeyConfiguration.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 20

def initialize(options = {})
  options.each { |k, v| public_send("#{k}=", v) }
  @action ||= :create
  @login ||= "root"
  @key_path ||= KEY_FILE
end

Instance Attribute Details

#action ⇒ Object

Returns the value of attribute action.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def action
  @action
end

#force ⇒ Object

Returns the value of attribute force.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def force
  @force
end

#host ⇒ Object

Returns the value of attribute host.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def host
  @host
end

#key_path ⇒ Object

Returns the value of attribute key_path.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def key_path
  @key_path
end

#login ⇒ Object

Returns the value of attribute login.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def login
  @login
end

#password ⇒ Object

Returns the value of attribute password.

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18

def password
  @password
end

Instance Method Details

#activate ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 53

def activate
  if !key_exist? || force
    if get_new_key
      save_new_key
    else
      remove_new_key_if_any
      false
    end
  else
    # probably only got here via the cli
    $stderr.puts
    $stderr.puts "Only generate one encryption key (v2_key) per installation."
    $stderr.puts "Chances are you did not want to overwrite this file."
    $stderr.puts "If you do this all encrypted secrets in the database will not be readable."
    $stderr.puts "Please backup your key and run this command again with --force-key."
    $stderr.puts
    false
  end
end

#ask_question_loop ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 45

def ask_question_loop
  loop do
    return false unless ask_questions
    return true if activate
    return false unless agree("Try again? (Y/N) ")
  end
end

#ask_questions ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 27

def ask_questions
  if key_exist?
    @force = agree("Overwrite existing encryption key (v2_key)? (Y/N): ")
    return false unless @force
  end

  @action = ask_for_action(@action)

  if fetch_key?
    say("")
    @host      = ask_for_ip_or_hostname("hostname for appliance with encryption key", @host)
    @login     = ask_for_string("appliance SSH login", @login)
    @password  = ask_for_password("appliance SSH password", @password)
    @key_path  = ask_for_string("path of remote encryption key", @key_path)
  end
  @action
end

#create_key ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 95

def create_key
  return unless !!ManageIQ::Password.generate_symmetric(NEW_KEY_FILE)

  File.chown(manageiq_uid, manageiq_gid, NEW_KEY_FILE)
end

#fetch_key ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 101

def fetch_key
  # use :verbose => 1 (or :debug for later versions) to see actual errors
  Net::SCP.start(host, login, :password => password) do |scp|
    scp.download!(key_path, NEW_KEY_FILE)
  end
  File.chown(manageiq_uid, manageiq_gid, NEW_KEY_FILE)
  File.exist?(NEW_KEY_FILE)
rescue => e
  say("Failed to fetch key: #{e.message}")
  false
end

#fetch_key? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 91

def fetch_key?
  @action == :fetch
end

#key_exist? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 87

def key_exist?
  File.exist?(KEY_FILE)
end

#remove_new_key_if_any ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 83

def remove_new_key_if_any
  FileUtils.rm(NEW_KEY_FILE) if File.exist?(NEW_KEY_FILE)
end

#save_new_key ⇒ Object

# File 'lib/manageiq/appliance_console/key_configuration.rb', line 73

def save_new_key
  begin
    FileUtils.mv(NEW_KEY_FILE, KEY_FILE, :force => true)
  rescue => e
    say("Failed to overwrite original key, original key kept. #{e.message}")
    return false
  end
  FileUtils.chmod(0o400, KEY_FILE)
end