From 538f03143c1afc420e884a66dfabcb9c42810a1f Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sun, 12 May 2019 21:38:51 -0300
Subject: Newnode: fix hiera-yaml handling

---
 share/hydra/newnode | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'share')

diff --git a/share/hydra/newnode b/share/hydra/newnode
index 5e2a469..d087e5b 100755
--- a/share/hydra/newnode
+++ b/share/hydra/newnode
@@ -91,14 +91,19 @@ echo "nodo::subsystem::backup::encryptkey: '$KEYID'" >> $HYDRA_FOLDER/puppet/con
 echo "" >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
 
 # Add OpenPGP passphrase into secret node config
-keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd | \
-hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+# We cannot simple pipe keyringer output into hiera-eyaml otherwiser the newline after the password will be interpreted as part of the password
+#keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd | \
+#hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+PASSWORD="`keyringer $HYDRA decrypt nodes/$NODE/gpg/key.passwd`"
+echo -n "$PASSWORD" | hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
 
 echo "" >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
 
 # Add Borg passphrase into secret node config
-keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd | \
-hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+#keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd | \
+#hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
+PASSWORD="`keyringer $HYDRA decrypt nodes/$NODE/borg/key.passwd`"
+echo -n "$PASSWORD" | hydra fluxo eyaml $NODE encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
 
 # Ansible config
 if [ -e "$HYDRA_FOLDER/ansible/inventories/production/hosts" ]; then
-- 
cgit v1.2.3