class SmartMachine::Credentials

Constants

CIPHER

Public Class Methods

new() click to toggle source
# File lib/smart_machine/credentials.rb, line 12
def initialize
end

Public Instance Methods

config() click to toggle source
# File lib/smart_machine/credentials.rb, line 45
def config
        @config ||= deserialize(read).deep_symbolize_keys
end
create() click to toggle source
# File lib/smart_machine/credentials.rb, line 15
def create
        write_key
        write credentials_template
end
edit() click to toggle source
# File lib/smart_machine/credentials.rb, line 20
def edit
        content_path = Pathname.new "config/credentials.yml.enc"
        tmp_file = "#{Process.pid}.#{content_path.basename.to_s.chomp('.enc')}"
        tmp_path = Pathname.new File.join(Dir.tmpdir, tmp_file)
        contents = read
        tmp_path.binwrite contents

        system("#{ENV['EDITOR']} #{tmp_path}")

        updated_contents = tmp_path.binread

        if updated_contents != contents
                write(updated_contents)
                puts "File encrypted and saved."
        else
                puts "File contents were not changed."
        end
ensure
        FileUtils.rm(tmp_path) if tmp_path&.exist?
end
read_key() click to toggle source
# File lib/smart_machine/credentials.rb, line 41
def read_key
        read_env_key || read_key_file || handle_missing_key
end

Private Instance Methods

create_key() click to toggle source
# File lib/smart_machine/credentials.rb, line 101
def create_key
        SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(CIPHER))
end
credentials_template() click to toggle source
# File lib/smart_machine/credentials.rb, line 51
                def credentials_template
                        <<~YAML
                          machine:
                            name: #{SecureRandom.hex(8)}
                            address: 122.122.122.122
                            port: 22
                            root_password: #{SecureRandom.hex(16)}
                            username: #{SecureRandom.hex(8)}
                            password: #{SecureRandom.hex(16)}

                          minio:
                            name: #{SecureRandom.hex(8)}
                            access_key: #{SecureRandom.hex(8)}
                            secret_key: #{SecureRandom.hex(16)}
                            browser: on
                            worm: off

                          mysql:
                            port: 3306
                            root_password: #{SecureRandom.hex(16)}
                            username: #{SecureRandom.hex(8)}
                            password: #{SecureRandom.hex(16)}
                            database_name: #{SecureRandom.hex(8)}

                          elasticsearch:
                            port: 9200
                        YAML
                end
decrypt(contents) click to toggle source
# File lib/smart_machine/credentials.rb, line 93
def decrypt(contents)
        encryptor.decrypt_and_verify contents
end
deserialize(config) click to toggle source
# File lib/smart_machine/credentials.rb, line 122
def deserialize(config)
        YAML.load(config).presence || {}
end
encrypt(contents) click to toggle source
# File lib/smart_machine/credentials.rb, line 89
def encrypt(contents)
        encryptor.encrypt_and_sign contents
end
encryptor() click to toggle source
# File lib/smart_machine/credentials.rb, line 97
def encryptor
        @encryptor ||= ActiveSupport::MessageEncryptor.new([ read_key ].pack("H*"), cipher: CIPHER)
end
handle_missing_key() click to toggle source
# File lib/smart_machine/credentials.rb, line 118
def handle_missing_key
        raise "Missing SMARTMACHINE_MASTER_KEY. Please add SMARTMACHINE_MASTER_KEY to your environment."
end
read() click to toggle source
# File lib/smart_machine/credentials.rb, line 80
def read
        decrypt IO.binread "config/credentials.yml.enc"
end
read_env_key() click to toggle source
# File lib/smart_machine/credentials.rb, line 110
def read_env_key
        ENV['SMARTMACHINE_MASTER_KEY']
end
read_key_file() click to toggle source
# File lib/smart_machine/credentials.rb, line 114
def read_key_file
        IO.binread("config/master.key").strip if File.file?("config/master.key")
end
write(contents) click to toggle source
# File lib/smart_machine/credentials.rb, line 84
def write(contents)
        IO.binwrite "config/credentials.yml.enc.tmp", encrypt(contents)
        FileUtils.mv "config/credentials.yml.enc.tmp", "config/credentials.yml.enc"
end
write_key() click to toggle source
# File lib/smart_machine/credentials.rb, line 105
def write_key
        IO.binwrite "config/master.key.tmp", create_key
        FileUtils.mv "config/master.key.tmp", "config/master.key"
end