- not supported
- 3.5
- 3.6
- 3.7
-
install python3 and python3-pip via your systems packetmanager
-
install the package
python-gpgmealso via your systems packetmanager. -
clone this github repository (currently not on pypi)
-
install this packet via
pip install -e .
-
or setup python-multivault-git via aur (Instructions)
https://aur.archlinux.org/packages/python-multivault-git/ -
your almost there run
multivault --version<<- if it works, nice! -
config is under
/etc/multivault- if u want to edit this config, copy it to one of the following locations.
/home/$USER/.multivault.yml/home/$USER/.config/multivault.yml
- if u want to edit this config, copy it to one of the following locations.
-
show loaded config:
multivault --config
This is a CLI which connects to a ldap server. It gathers user information from their to get the actual admin users for all servers in our organization.
Based on this information it uses the gpg keys of this users of which the fingerprints are provided by the ldap server itself to encrypt given passwords or files with the right keys.
Ansible then uses a simple lookup module for the gpg encrypted files. This is an alpha and not recommended to use in production.
apt install python-gpgme gnupg pacman -S python-gpgme gnupg yum install python-gpgme gnupg
-
if u define
ssh_hopinside the ldap section of the config inmultivault.ymlthe command is run on the local machine and paramiko makes something likessh -L 127.0.0.1:10000:ldap.example.com:636 login_host -
ldap3connects than against localhost:10000 and queries the server -
every request opens and closes a tcp connection to the ldap server
-
Only do this in a virtualenv.
pip install -e .[dev]
-
this installs the development environment of multivault
- packages like
pylintpep8autopep8
- if they are not already satisfied
- packages like