
Passwordstore Database Implementation

Introduction

This document describes the implementation of the passwordstore in the project.

Overview

The pass implementation uses a pass database to store the Ansible inventory and other infrastructure-related information.

Ansible pass Structure

Besides storing other information, the pass database also stores the team Ansible Inventory.

The structure of the inventory is the following:

| Level | Type | Data | Comments |
|---|---|---|---|
| Level 1 | Directory | Provider | The name of the provider is used to split VMs for different providers. Currently only openstack is a tested provider. ⚠️ Although the hetzner provider is also implemented, it has been abandoned and will be removed from the pass database. |
| Level 3 | Directory | VM | Name that will be given to the VM. It will also be used as the Ansible Host name. |
| Level 3 | Entry | Ansible attributes | One entry for each Ansible attribute that will be translated into an environment variable. |
| Level 3 | Directory | groups | List of groups with which the host will be associated. |
| Level 4 (under groups) | Entries | group name | One entry for each group the host will be associated with. The entry name is the group name. |

Ansible Inventory

The Ansible inventory obtained from the pass database is built using the Python script located at ../ansible/inventory/pass_inventory.py.
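
The mapping from the directory structure above to an inventory can be sketched as follows. This is an added example, not the project's pass_inventory.py: it assumes provider directories sit directly under the store root, that pass keeps each entry as a .gpg file, and that attributes become Ansible host variables; the function names are hypothetical.

```python
"""Build an Ansible inventory dict from a pass store (added sketch).
Assumed layout: <store>/<provider>/<vm>/<attribute>.gpg and
<store>/<provider>/<vm>/groups/<group>.gpg; not the project's script."""
import json
import os
import subprocess
import sys
from pathlib import Path


def pass_show(store: Path, entry: str) -> str:
    """Decrypt one entry with the pass CLI (argv list, no shell)."""
    env = dict(os.environ, PASSWORD_STORE_DIR=str(store))
    out = subprocess.run(["pass", "show", entry], env=env, check=True,
                         capture_output=True, text=True).stdout
    return out.rstrip("\n")


def build_inventory(store: Path, provider: str, read=pass_show) -> dict:
    """Return the JSON-serialisable inventory for one provider."""
    if provider in ("", "..") or Path(provider).name != provider:
        raise ValueError(f"provider must be a single path component: {provider!r}")
    provider_dir = store / provider
    if not provider_dir.is_dir():
        raise FileNotFoundError(f"no provider directory: {provider_dir}")
    inventory = {"_meta": {"hostvars": {}}, "all": {"hosts": []}}
    for vm_dir in sorted(p for p in provider_dir.iterdir() if p.is_dir()):
        host = vm_dir.name
        inventory["all"]["hosts"].append(host)
        # Each entry directly under the VM directory is one Ansible attribute.
        inventory["_meta"]["hostvars"][host] = {
            e.stem: read(store, f"{provider}/{host}/{e.stem}")
            for e in sorted(vm_dir.glob("*.gpg"))
        }
        # Group membership comes from entry names only; nothing is decrypted.
        for g in sorted((vm_dir / "groups").glob("*.gpg")):
            if g.stem in ("_meta", "all"):
                continue  # reserved keys, never overwritten by a group entry
            inventory.setdefault(g.stem, {"hosts": []})["hosts"].append(host)
    return inventory


if __name__ == "__main__":
    # The output holds decrypted values: keep it out of logs and CI output.
    store_dir = Path(os.environ["PASSWORD_STORE_DIR"])
    json.dump(build_inventory(store_dir, sys.argv[1]), sys.stdout, indent=2)
```

Group entries are read by name only, so listing group membership never requires the GPG key; only the attribute entries are decrypted.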

Ansible Playbooks

Information on the available playbooks is available here.

Connect to a host instance

All the information related to the hosts is stored in the passwordstore Ansible inventory. The current implementation also stores the SSH public and secret keys locally in the ~/.ssh folder. To improve usability, a bash script has been created to make it easier to perform this connection. More documentation on the bash script can be found here.

To SSH connect to a VM use the tools/passstore-vm-ssh.sh bash script.

The 3 arguments to pass to the script are the following.

Table 1. Script options

| Command | Description |
|---|---|
| 1: VM_PROVIDER (string / required) | Cloud provider. Choices: hetzner, openstack |
| 2: VM_NAME (string / required) | Name of the VM to connect to. This is the inventory name of the VM. |
| 3: PASSWORD_STORE_DIR (string) | Folder where the PASSWORDSTORE database is located. Default: PASSWORD_STORE_DIR environment variable, if set. If this parameter is not provided and no PASSWORD_STORE_DIR env variable is set, the script will fail as it doesn't know the location of the passwordstore project. |

Connect to a passwordstore VM
./tools/passstore-vm-ssh.sh openstack ${VM_NAME}

This should connect to the newly created VM.

Last login: Thu Jan 1 00:00:00 1970 from x.x.x.x

This machine is property of RedHat.
Access is forbidden to all unauthorized person.
All activity is being monitored.

Welcome to vm20210221-t01..