Class: ManageIQ::ApplianceConsole::KeyConfiguration
- Inherits:
-
Object
- Object
- ManageIQ::ApplianceConsole::KeyConfiguration
show all
- Includes:
- ManageiqUserMixin
- Defined in:
- lib/manageiq/appliance_console/key_configuration.rb
Instance Attribute Summary collapse
Instance Method Summary
collapse
#manageiq_gid, #manageiq_uid
Constructor Details
Returns a new instance of KeyConfiguration.
20
21
22
23
24
25
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 20
def initialize(options = {})
options.each { |k, v| public_send("#{k}=", v) }
@action ||= :create
@login ||= "root"
@key_path ||= KEY_FILE
end
|
Instance Attribute Details
#action ⇒ Object
Returns the value of attribute action.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def action
@action
end
|
#force ⇒ Object
Returns the value of attribute force.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def force
@force
end
|
#host ⇒ Object
Returns the value of attribute host.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def host
@host
end
|
#key_path ⇒ Object
Returns the value of attribute key_path.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def key_path
@key_path
end
|
#login ⇒ Object
Returns the value of attribute login.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def login
@login
end
|
#password ⇒ Object
Returns the value of attribute password.
18
19
20
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 18
def password
@password
end
|
Instance Method Details
#activate ⇒ Object
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 53
def activate
if !key_exist? || force
if get_new_key
save_new_key
else
remove_new_key_if_any
false
end
else
$stderr.puts
$stderr.puts "Only generate one encryption key (v2_key) per installation."
$stderr.puts "Chances are you did not want to overwrite this file."
$stderr.puts "If you do this all encrypted secrets in the database will not be readable."
$stderr.puts "Please backup your key and run this command again with --force-key."
$stderr.puts
false
end
end
|
#ask_question_loop ⇒ Object
45
46
47
48
49
50
51
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 45
def ask_question_loop
loop do
return false unless ask_questions
return true if activate
return false unless agree("Try again? (Y/N) ")
end
end
|
#ask_questions ⇒ Object
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 27
def ask_questions
if key_exist?
@force = agree("Overwrite existing encryption key (v2_key)? (Y/N): ")
return false unless @force
end
@action = ask_for_action(@action)
if fetch_key?
say("")
@host = ask_for_ip_or_hostname("hostname for appliance with encryption key", @host)
@login = ask_for_string("appliance SSH login", @login)
@password = ask_for_password("appliance SSH password", @password)
@key_path = ask_for_string("path of remote encryption key", @key_path)
end
@action
end
|
#create_key ⇒ Object
95
96
97
98
99
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 95
def create_key
return unless !!ManageIQ::Password.generate_symmetric(NEW_KEY_FILE)
File.chown(manageiq_uid, manageiq_gid, NEW_KEY_FILE)
end
|
#fetch_key ⇒ Object
101
102
103
104
105
106
107
108
109
110
111
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 101
def fetch_key
Net::SCP.start(host, login, :password => password) do |scp|
scp.download!(key_path, NEW_KEY_FILE)
end
File.chown(manageiq_uid, manageiq_gid, NEW_KEY_FILE)
File.exist?(NEW_KEY_FILE)
rescue => e
say("Failed to fetch key: #{e.message}")
false
end
|
#fetch_key? ⇒ Boolean
91
92
93
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 91
def fetch_key?
@action == :fetch
end
|
#key_exist? ⇒ Boolean
87
88
89
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 87
def key_exist?
File.exist?(KEY_FILE)
end
|
#remove_new_key_if_any ⇒ Object
83
84
85
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 83
def remove_new_key_if_any
FileUtils.rm(NEW_KEY_FILE) if File.exist?(NEW_KEY_FILE)
end
|
#save_new_key ⇒ Object
73
74
75
76
77
78
79
80
81
|
# File 'lib/manageiq/appliance_console/key_configuration.rb', line 73
def save_new_key
begin
FileUtils.mv(NEW_KEY_FILE, KEY_FILE, :force => true)
rescue => e
say("Failed to overwrite original key, original key kept. #{e.message}")
return false
end
FileUtils.chmod(0o400, KEY_FILE)
end
|