From e7270a0e65cbbf398d999db98278114d809244dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 15 Mar 2019 18:44:39 +0100 Subject: Lookup psql passwords at runtime --- roles/contexts/fretlink/templates/environment.j2 | 41 +++++++----------------- roles/tools/files/ssh/known_hosts | 2 +- 2 files changed, 13 insertions(+), 30 deletions(-) diff --git a/roles/contexts/fretlink/templates/environment.j2 b/roles/contexts/fretlink/templates/environment.j2 index 91a6f6a..652fc8d 100644 --- a/roles/contexts/fretlink/templates/environment.j2 +++ b/roles/contexts/fretlink/templates/environment.j2 @@ -41,6 +41,10 @@ build_macaroon() { popd 2>/dev/null >/dev/null } +function capitalize() { + echo "$1" | sed -e 's!\(^\|-\)\(.\)!\U\2!g' +} + APP=$(basename $(pwd)) FL_APPS_HOST="localhost" @@ -79,26 +83,10 @@ FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Por FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}" FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}" -FL_CARRIER_DIRECTORY_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Host') }}" -FL_CARRIER_DIRECTORY_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Port') }}" -FL_CARRIER_DIRECTORY_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=User') }}" -FL_CARRIER_DIRECTORY_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory') }}" -FL_CARRIER_DIRECTORY_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/CarrierDirectory subkey=Database') }}" - -FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}" -FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}" -FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}" -FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}" -FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}" - -FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}" -FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}" -FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}" -FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}" -FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}" - FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}" +export FRETLINK_ENV="$APP ${FL_ENV:-local}" + if [ -f "local.env.example" ]; then source local.env.example fi @@ -125,17 +113,12 @@ if [ "$APP" != "app" ]; then export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD" export POSTGRESQL_ADDON_DB="$name" else - postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST" - postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT" - postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER" - postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD" - postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB" - export FRETLINK_ENV="$FL_ENV" - export POSTGRESQL_ADDON_HOST="${!postgresql_host}" - export POSTGRESQL_ADDON_PORT="${!postgresql_port}" - export POSTGRESQL_ADDON_USER="${!postgresql_user}" - export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}" - export POSTGRESQL_ADDON_DB="${!postgresql_db}" + key=Psql/$(capitalize $FL_ENV)/$(capitalize $APP) + export POSTGRESQL_ADDON_HOST=$(p $key Host) + export POSTGRESQL_ADDON_PORT=$(p $key Port) + export POSTGRESQL_ADDON_USER=$(p $key User) + export POSTGRESQL_ADDON_PASSWORD=$(p $key) + export POSTGRESQL_ADDON_DB=$(p $key Database) fi fi diff --git a/roles/tools/files/ssh/known_hosts b/roles/tools/files/ssh/known_hosts index e219361..e8399d7 100644 --- a/roles/tools/files/ssh/known_hosts +++ b/roles/tools/files/ssh/known_hosts @@ -1,3 +1,3 @@ immae.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM/7mizTNieTOU4i263zZeKBf/3U9O1rP7YEvR8qZWSFZXmEAlXsH3C+v2c1AS2udQpbgioKuqoRj2ZQImyScnU= github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== -eldiron.immae.eu,git.immae.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF +eldiron.immae.eu,git.immae.eu,pub.immae.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF -- cgit v1.2.3