diff options
| -rwxr-xr-x | edit-secrets | 18 | ||||
| -rw-r--r-- | web-a1.sunet.se/overlay/etc/hiera/data/.placeholder | 0 | ||||
| -rw-r--r-- | web-a1.sunet.se/overlay/etc/hiera/data/secrets.yaml.asc | 23 | ||||
| -rw-r--r-- | web-a2.sunet.se/overlay/etc/hiera/data/.placeholder | 0 |
4 files changed, 25 insertions, 16 deletions
diff --git a/edit-secrets b/edit-secrets index eb8dc1a..742321f 100755 --- a/edit-secrets +++ b/edit-secrets @@ -37,14 +37,8 @@ if [ "x$1" != "x-l" ]; then if grep ^"STATUS=UPDATED" $TMPFILE > /dev/null; then # extract the path of the file that should be updated in the Cosmos repo - save_to=$(grep ^"SAVE_TO=" $TMPFILE | cut -d = -f 2-) - if [ ! -f $save_to ]; then - echo "$0: Output file $save_to doesn't exist" - echo " (leaving output in $TMPFILE)" - rm $TMPFILE2 - trap EXIT # clear trap command to preserve $TMPFILE - exit 1 - fi + save_to="${host}/overlay/etc/hiera/data/secrets.yaml.asc" + mkdir -p "`dirname $save_to`" # extract the GPG output perl -e '$a = 0; while (<>) { $a = 1 if ($_ =~ /-+BEGIN PGP MESSAGE-+/); print $_ if $a; $a = 0 if ($_ =~ /-+END PGP MESSAGE-+/); }' < $TMPFILE > $TMPFILE2 @@ -132,18 +126,10 @@ else # figure out this hosts gpg key id recipient=$($GPG --list-secret-key | grep ^sec | head -1 | awk '{print $2}' | cut -d / -f 2) - save_to="`hostname --fqdn`/overlay${SECRETFILE}" - #mkdir -p `dirname $save_to` echo "" ( echo "STATUS=UPDATED" - echo "SAVE_TO=$save_to" echo "" ) > $LAST_OUTPUT_FILENAME $GPG --output - --armor --recipient $recipient --sign --encrypt $TMPFILE >> $LAST_OUTPUT_FILENAME - echo "" - echo "GPG output saved in $LAST_OUTPUT_FILENAME - save it in Cosmos as" - echo "" - echo " $save_to" - echo "" fi diff --git a/web-a1.sunet.se/overlay/etc/hiera/data/.placeholder b/web-a1.sunet.se/overlay/etc/hiera/data/.placeholder deleted file mode 100644 index e69de29..0000000 --- a/web-a1.sunet.se/overlay/etc/hiera/data/.placeholder +++ /dev/null diff --git a/web-a1.sunet.se/overlay/etc/hiera/data/secrets.yaml.asc b/web-a1.sunet.se/overlay/etc/hiera/data/secrets.yaml.asc new file mode 100644 index 0000000..fa2a5ba --- /dev/null +++ b/web-a1.sunet.se/overlay/etc/hiera/data/secrets.yaml.asc @@ -0,0 +1,23 @@ +STATUS=UPDATED +SAVE_TO=web-a1.sunet.se/overlay/etc/hiera/data/secrets.yaml.asc + +-----BEGIN PGP MESSAGE----- +Version: GnuPG v2.0.22 (GNU/Linux) + +hQEMAx7Tk7WzdRkNAQf/erCM9EPsTMCCmR6dtjgqzczAjHq7etAp5RZt0kWEeX3P +KB5tFvXLb+R9CWXQmwZE2vz6uA9P277AabGH6U1ntJJfLXxPWQMLVO08OuJZAqG9 +QdSSYI33tjv6G0Jyxq1vIy6q+Y65KLAbibv4lMgv4+xa3z5QCXI2R3CkaI1ko0FY +tYOFpTFaPlYmSSLsrdBCOxTd7BgAynjRlPqhHTiG9UtaR42FN8QNzxE3YD1dbttC +FR4KzJoqlcyFhfhsTwt3Vzo8ISX65hSkfpsKbSAuCqWZBWrsoqGuh8dPs9iuTXu1 +NXWthAR+2HUX1zfXWzcLqrPvkSVi9w+uuefF3p20ANLA6QH4IBJDWtZgHwYVHRd+ +wmoSWguWWi55aDA9CFJlU7uYIJMB+97bZ6bdUQNYAjVVXN6fgLZsLLYC5CtPkDos +/4mIQzp8ZoJkouPq0a9nXaSvzGuhgd+y0zRhnSeE30zSZhRSiRDbY6Xr1G9CGEF2 +z8GeqyvX90OH42O3XHzgAUozWJR4kvW0URMYSFWVU6sG2EqlibX5nLJC7DXnlOmb +3XMrOtAebZzow1aSM/0rbBTBCVEX5ENcfnveBefM8yKaw8orUGcbG3j+oAIIcSCL +9n6lqGTdsiySPpTES9xCX63su1YgmKLP7cxJGrEO5tocOZKGZvqMBVBQgQSo81G9 +PDPv7LD5+w/sB/NfjO/A9kFgt28Y8KWIn0CZFy8OJkjNR/zk7UzZYO6E2hGJILcj +jyP3mF2u9bHwJPqzhUXliGhi5PbRE9Ysc0HaMPStx+MonjUcggtc+uxREf4u1ZWZ +5nVq9fk22gTsg8uRl5iSIGZgCx+/RMXbi9gtoUWL9MR4K+kr4ax9ZZ/LX2yswsIX +geq3VxRf50HGCc0YY7srb1BmHJnCU1zpaz6O +=XPYi +-----END PGP MESSAGE----- diff --git a/web-a2.sunet.se/overlay/etc/hiera/data/.placeholder b/web-a2.sunet.se/overlay/etc/hiera/data/.placeholder deleted file mode 100644 index e69de29..0000000 --- a/web-a2.sunet.se/overlay/etc/hiera/data/.placeholder +++ /dev/null |