aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2019-05-12 21:38:51 -0300
committerSilvio Rhatto <rhatto@riseup.net>2019-05-12 21:38:51 -0300
commit538f03143c1afc420e884a66dfabcb9c42810a1f (patch)
tree8badf709a69bed34c241d602db4c67ca31c81e4a
parent5312bf527f6bd256cd7c3bd948a722a6e7b06112 (diff)
downloadhydra-538f03143c1afc420e884a66dfabcb9c42810a1f.tar.gz
hydra-538f03143c1afc420e884a66dfabcb9c42810a1f.tar.bz2
Newnode: fix hiera-yaml handling
-rwxr-xr-xshare/hydra/newnode13
1 files changed, 9 insertions, 4 deletions
diff --git a/share/hydra/newnode b/share/hydra/newnode
index 5e2a469..d087e5b 100755
--- a/share/hydra/newnode
+++ b/share/hydra/newnode
@@ -91,14 +91,19 @@ echo "nodo::subsystem::backup::encryptkey: '$KEYID'" >> $HYDRA_FOLDER/puppet/con
echo "" >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
# Add OpenPGP passphrase into secret node config
-keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd | \
-hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+# We cannot simple pipe keyringer output into hiera-eyaml otherwiser the newline after the password will be interpreted as part of the password
+#keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd | \
+#hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+PASSWORD="`keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd`"
+echo -n "$PASSWORD" | hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
echo "" >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
# Add Borg passphrase into secret node config
-keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd | \
-hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+#keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd | \
+#hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+PASSWORD="`keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd`"
+echo -n "$PASSWORD" | hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
# Ansible config
if [ -e "$HYDRA_FOLDER/ansible/inventories/production/hosts" ]; then