Lookup psql passwords at runtime

diff --git a/roles/contexts/fretlink/templates/environment.j2 b/roles/contexts/fretlink/templates/environment.j2
index 91a6f6ab6a4403e6367f9ef23a009b05bf0cb754..652fc8dc6be7578b8e6b483b40a20a18d58b599d 100644 (file)
--- a/roles/contexts/fretlink/templates/environment.j2
+++ b/roles/contexts/fretlink/templates/environment.j2
@@ -41,6 +41,10 @@ build_macaroon() {
   popd 2>/dev/null >/dev/null
 }
 
+function capitalize() {
+  echo "$1" | sed -e 's!\(^\|-\)\(.\)!\U\2!g'
+}
+
 APP=$(basename $(pwd))
 
 FL_APPS_HOST="localhost"
@@ -79,26 +83,10 @@ FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Por
 FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
 FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"
 
-FL_CARRIER_DIRECTORY_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Host') }}"
-FL_CARRIER_DIRECTORY_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Port') }}"
-FL_CARRIER_DIRECTORY_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=User') }}"
-FL_CARRIER_DIRECTORY_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory') }}"
-FL_CARRIER_DIRECTORY_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Database') }}"
-
-FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}"
-FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}"
-FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}"
-FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}"
-FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}"
-
-FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}"
-FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}"
-FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}"
-FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}"
-FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}"
-
 FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"
 
+export FRETLINK_ENV="$APP ${FL_ENV:-local}"
+
 if [ -f "local.env.example" ]; then
   source local.env.example
 fi
@@ -125,17 +113,12 @@ if [ "$APP" != "app" ]; then
     export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
     export POSTGRESQL_ADDON_DB="$name"
   else
-    postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST"
-    postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT"
-    postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER"
-    postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD"
-    postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB"
-    export FRETLINK_ENV="$FL_ENV"
-    export POSTGRESQL_ADDON_HOST="${!postgresql_host}"
-    export POSTGRESQL_ADDON_PORT="${!postgresql_port}"
-    export POSTGRESQL_ADDON_USER="${!postgresql_user}"
-    export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}"
-    export POSTGRESQL_ADDON_DB="${!postgresql_db}"
+    key=Psql/$(capitalize $FL_ENV)/$(capitalize $APP)
+    export POSTGRESQL_ADDON_HOST=$(p $key Host)
+    export POSTGRESQL_ADDON_PORT=$(p $key Port)
+    export POSTGRESQL_ADDON_USER=$(p $key User)
+    export POSTGRESQL_ADDON_PASSWORD=$(p $key)
+    export POSTGRESQL_ADDON_DB=$(p $key Database)
   fi
 fi
 

diff --git a/roles/tools/files/ssh/known_hosts b/roles/tools/files/ssh/known_hosts
index e21936117e42ccc498f28100dde49d0bb691b145..e8399d7ccfb8f9f41bc40d11a091b059c939e913 100644 (file)
--- a/roles/tools/files/ssh/known_hosts
+++ b/roles/tools/files/ssh/known_hosts
@@ -1,3 +1,3 @@
 immae.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM/7mizTNieTOU4i263zZeKBf/3U9O1rP7YEvR8qZWSFZXmEAlXsH3C+v2c1AS2udQpbgioKuqoRj2ZQImyScnU=
 github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
-eldiron.immae.eu,git.immae.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF
+eldiron.immae.eu,git.immae.eu,pub.immae.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF