head.daveops.net

Snippets for yer computer needs

vault

vault

@Chef

Knife

# Create a vault
knife vault create passwords root '{"username": "root", "password": "mypassword"}' -S "role:webserver"

# Re-encrypt the vault with a fresh search of nodes
knife vault refresh passwords root

# Update the search for hosts on a vault
knife vault update passwords root -S "role:webserver"

# Create a vault from a file
knife vault create certs example.com --file example.crt

Code

chef-vault cookbook

include_recipe "chef-vault"
vault = chef_vault_item(DATABAG, ITEM)

chef-vault gem

chef_gem 'chef-vault' do
  compile_time true if respond_to?(:compile_time)
end

require 'chef-vault'

item = ChefVault::Item.load("passwords", "root")
item["password"]

chef vault gem chef vault cookbook