Lightweight API to store/retrieve secrets to/from an encrypted Database

These details have not been verified by PyPI

Project links

Project description

VaultAPI

Lightweight API to store/retrieve secrets to/from an encrypted Database

Python

Platform Supported

Platform docker-image

Deployments

Kick off

Recommendations

Install python 3.10 or 3.11
Use a dedicated virtual environment

Install VaultAPI

python -m pip install vaultapi

Initiate - IDE

import vaultapi


if __name__ == '__main__':
    vaultapi.start()

Initiate - CLI

vaultapi start

Use vaultapi --help for usage instructions.

Environment Variables

Sourcing environment variables from an env file

By default, VaultAPI will look for a .env file in the current working directory.

Mandatory

APIKEY - API Key for authentication.
SECRET - Secret access key to encode/decode the secrets in Datastore.

Optional (with defaults)

TRANSIT_KEY_LENGTH - AES key length for transit encryption. Defaults to 32
TRANSIT_TIME_BUCKET - Interval for which the transit epoch should remain constant. Defaults to 60
DATABASE - FilePath to store the secrets' database. Defaults to secrets.db
HOST - Hostname for the API server. Defaults to 0.0.0.0 [OR] localhost
PORT - Port number for the API server. Defaults to 9010
WORKERS - Number of workers for the uvicorn server. Defaults to 1
RATE_LIMIT - List of dictionaries with max_requests and seconds to apply as rate limit. Defaults to 5req/2s [AND] 10req/30s

Optional (without defaults)

LOG_CONFIG - FilePath or dictionary of key-value pairs for log config.
ALLOWED_ORIGINS - Origins that are allowed to retrieve secrets.
ALLOWED_IP_RANGE - IP range that is allowed to retrieve secrets. (eg: 10.112.8.10-210)

Checkout decryptors for more information about decrypting the retrieved secret from the server.

Auto generate a SECRET value

This value will be used to encrypt/decrypt the secrets stored in the database.

CLI

vaultapi keygen

IDE

from cryptography.fernet import Fernet
print(Fernet.generate_key())

Coding Standards

Docstring format: Google
Styling conventions: PEP 8 and isort

Release Notes

Requirement

python -m pip install gitverse

Usage

gitverse-release reverse -f release_notes.rst -t 'Release Notes'

Linting

pre-commit will ensure linting, run pytest, generate runbook & release notes, and validate hyperlinks in ALL markdown files (including Wiki pages)

Requirement

python -m pip install sphinx==5.1.1 pre-commit recommonmark

Usage

pre-commit run --all-files

Pypi Package

https://pypi.org/project/VaultAPI/

Docker Image

https://hub.docker.com/r/thevickypedia/vaultapi

Runbook

https://thevickypedia.github.io/VaultAPI/

License & copyright

Licensed under the MIT License

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

0.1.0

Sep 19, 2024

0.0.1

Sep 18, 2024

0.0.0

Sep 17, 2024

0.0.0a0 pre-release

Aug 23, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

VaultAPI-0.1.0-py3-none-any.whl (19.8 kB view details)

Uploaded Sep 19, 2024 Python 3

File details

Details for the file VaultAPI-0.1.0-py3-none-any.whl.

File metadata

Download URL: VaultAPI-0.1.0-py3-none-any.whl
Upload date: Sep 19, 2024
Size: 19.8 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.10.14

File hashes

Hashes for VaultAPI-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`409ae1bed89279265a8f6fbd8fa72ae96129e480647eb5c71ed089f936e030ca`
MD5	`1dcc210710e7eb016a6684e90da16880`
BLAKE2b-256	`bce18dce22c20d83469860425a5ee86dbf82822d30168fbed0144022351a6f37`