using Saltstack with Bitwarden/Vaultwarden credential management - locally or via salt-ssh
Project description
Saltx
Using Saltstack with Bitwarden/Vaultwarden credential management - locally or via salt-ssh.
Saltx is a wrapper around Saltstack's salt-ssh and Bitwarden/Vaultwarden. It aims at simplifying to use both tools together. Private Saltstack Pillar files and State files are stored in Bitwarden/Vaultwarden. They are synchronized to an encrypted folder (using EncFS) on the machine using Salt, often a Salt server. With this data, salt-ssh and salt-local are called and can be used as usual. Public Saltstack Pillars and States are kept in a git repository, adhering to the Infrastructure-as-Code paradigm.
With this approach, credential data can be kept secure while allowing to leverage the benefits of using Saltstack in a simple, straight-forward manner - even in a team setup.
Features
- Assistant for initial set-up of Git and Salt on the system
- Download the Bitwarden CLI tool for local use
- Data storage in encrypted folder based on EncFS
- Sync of local credential storage with a Bitwarden/Vaultwarden organization containing Salt States/Pillars
- Management of a local clone of a Git repository with Salt States/Pillars
- Wrapper for simplifying the use of salt-call locally
- Simplifying the use of salt-ssh for managing hosts with Salt via ssh
- Configurable via config files on three layers (system-global, vault, user)
- Support of multiple instances of local repositories and credential stores
- Simple installation
Installation
Install as root user using PyPi:
pip3 install saltx
Note that this no longer works in more recent environments as pip3 should no longer install in the system environment. You may do
pip3 install saltx --break-system-packages
to override. Alternatively use pipx (install via apt install pipx on Debian) like this:
PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/bin pipx install saltx
You may use another directory than /opt/pipx but it must be accessible for the user that will run saltx later (i.e. don't use the default directory located within the root home directory if you also want to run as non-root user). PIPX_BIN_DIR needs to be in the system search path (systemd-path search-binaries-default on Debian).
License
- AGPL3 license
- Copyright 2024-2025 © Dirk Henrici.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file saltx-0.3.0.tar.gz.
File metadata
- Download URL: saltx-0.3.0.tar.gz
- Upload date:
- Size: 40.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2dcb050c0662f30c357739131624172a3d4b0533b66bed449a8fbad3eaa54fd3
|
|
| MD5 |
2845bd49351fec9066ce43e8cc29350e
|
|
| BLAKE2b-256 |
9497fec5fb9c7409f7efe44a2844eb0f9836b3d06384909c01a47a1d7cb21171
|
File details
Details for the file saltx-0.3.0-py3-none-any.whl.
File metadata
- Download URL: saltx-0.3.0-py3-none-any.whl
- Upload date:
- Size: 45.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3ad78cd44e876cc59392bf4fa793182d65429a753dfaa7270c1fc55de2fb1e72
|
|
| MD5 |
e308cbd85822cc654bb4aa8616edf7ae
|
|
| BLAKE2b-256 |
8ec5f0ab742bd1cd04e9bc76c93976002586591a579d5b0ca525f0e374d77324
|
