Lightweight API to store/retrieve secrets to/from an encrypted Database

VaultAPI

Kick off

Recommendations

Install VaultAPI

python -m pip install vaultapi

Initiate - IDE

import vaultapi.server


if __name__ == '__main__':
    vaultapi.server.start()

Initiate - CLI

vaultapi start

Use vaultapi --help for usage instructions.

Environment Variables

Sourcing environment variables from an env file

By default, VaultAPI will look for a .env file in the current working directory.

Mandatory

  • APIKEY - API Key for authentication.
  • SECRET - Secret access key to encode/decode the secrets in Datastore.

Optional (with defaults)

  • TRANSIT_KEY_LENGTH - AES key length for transit encryption. Defaults to 32
  • TRANSIT_TIME_BUCKET - Interval for which the transit epoch should remain constant. Defaults to 60
  • DATABASE - FilePath to store the secrets' database. Defaults to secrets.db
  • HOST - Hostname for the API server. Defaults to 0.0.0.0 [OR] localhost
  • PORT - Port number for the API server. Defaults to 9010
  • WORKERS - Number of workers for the uvicorn server. Defaults to 1
  • RATE_LIMIT - List of dictionaries with max_requests and seconds to apply as rate limit. Defaults to 5req/2s [AND] 10req/30s
  • ALLOW_PUBLIC_IP - Boolean flag to allow connections via public IP. Defaults to false
  • ALLOW_PRIVATE_IP - Boolean flag to allow connections via private IP. Defaults to false
  • ALLOW_PRIVATE_IP_RANGE - Boolean flag to allow connections via any private IP address (1-256) within range. Defaults to false

Optional (without defaults)

  • LOG_CONFIG - FilePath or dictionary of key-value pairs for log config.
  • ALLOWED_ORIGINS - Origins that are allowed to retrieve secrets.
  • ALLOWED_IP_RANGE - IP range that is allowed to retrieve secrets. (eg: 10.112.8.10-210)

Check out decryptors for more information about decrypting the secret retrieved from the server.

Auto generate a SECRET value

This value will be used to encrypt/decrypt the secrets stored in the database.

CLI

vaultapi keygen

IDE

from cryptography.fernet import Fernet
print(Fernet.generate_key())
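
A pre-flight check for the .env file described under Environment Variables and for the SECRET generated above, as an added example (not VaultAPI's own code). It assumes SECRET has the shape Fernet.generate_key() produces, that TRANSIT_KEY_LENGTH is counted in bytes, and that booleans are written true/false; parse_env, is_fernet_key, check_env and check_file are hypothetical names.

```python
import base64
import os
import stat

AES_KEY_BYTES = (16, 24, 32)  # the only key sizes AES defines (assumes bytes)
# Constructed sample .env; both values are placeholders, not real credentials.
SAMPLE = "APIKEY=example-api-key\nSECRET=not-a-fernet-key\nTRANSIT_KEY_LENGTH=20\nALLOW_PUBLIC_IP=true\n"


def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("'\"")
    return env


def is_fernet_key(value):
    """True if value has the shape Fernet.generate_key() emits: 44 chars, 32 bytes."""
    try:
        return len(value) == 44 and len(base64.urlsafe_b64decode(value.encode("ascii"))) == 32
    except ValueError:  # covers binascii.Error and UnicodeEncodeError
        return False


def check_env(env, mode=None):
    """Return findings for a parsed env; an empty list means it passed."""
    findings = []
    for name in ("APIKEY", "SECRET"):  # mandatory per the list above
        if not env.get(name):
            findings.append(f"{name} is missing or empty")
    if env.get("SECRET") and not is_fernet_key(env["SECRET"]):
        findings.append("SECRET is not a 32-byte url-safe base64 key")
    length = env.get("TRANSIT_KEY_LENGTH", "32")
    if not length.isdecimal() or int(length) not in AES_KEY_BYTES:
        findings.append("TRANSIT_KEY_LENGTH is not 16, 24 or 32")
    if env.get("ALLOW_PUBLIC_IP", "false").lower() == "true":
        findings.append("ALLOW_PUBLIC_IP is enabled (default is false)")
    if mode is not None and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("env file is accessible to group or others")
    return findings


def check_file(path=".env"):
    with open(path, encoding="utf-8") as fh:
        return check_env(parse_env(fh.read()), os.stat(path).st_mode)
```

Run check_file() from the directory that holds the .env before starting the server; the permission check is meaningful on POSIX file systems only.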

API Functionality

Endpoint        Description                                 API method
/health         API health endpoint                         GET
/get-secret     Retrieve secrets (comma separated list)     GET
/get-table      Get ALL the secrets stored in a table       GET
/list-tables    List all available tables                   GET
/put-secret     Store or update a secret (key-value pairs)  PUT
/delete-secret  Delete a specific secret                    DELETE
/create-table   Create a new table                          POST

Coding Standards

Docstring format: Google
Styling conventions: PEP 8 and isort

Release Notes

Requirement

python -m pip install gitverse

Usage

gitverse-release reverse -f release_notes.rst -t 'Release Notes'

Linting

pre-commit will ensure linting, run pytest, generate runbook & release notes, and validate hyperlinks in ALL markdown files (including Wiki pages)

Requirement

python -m pip install sphinx==5.1.1 pre-commit recommonmark

Usage

pre-commit run --all-files

Pypi Package

https://pypi.org/project/VaultAPI/

Docker Image

https://hub.docker.com/r/thevickypedia/vaultapi

Runbook

https://thevickypedia.github.io/VaultAPI/

License & copyright

© Vignesh Rao

Licensed under the MIT License

Source Distributions

No source distribution files available for this release.

Built Distribution

VaultAPI-0.3.1-py3-none-any.whl (21.1 kB)

Uploaded Python 3

File details

Details for the file VaultAPI-0.3.1-py3-none-any.whl.

File metadata

  • Download URL: VaultAPI-0.3.1-py3-none-any.whl
  • Upload date:
  • Size: 21.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.10.14

File hashes

Hashes for VaultAPI-0.3.1-py3-none-any.whl
Algorithm    Hash digest
SHA256       19b0c891b28cb3569e4cdfa2b9172c21530c046aec9ed5b728554c56fe91a9b8
MD5          6f16fc36ce16c2333c2362331001185c
BLAKE2b-256  4294c9d96e7ed051fb9984f565250a2853316321eee5932e2a17f0552e3526ae
