VaultAPI 0.1.0

Description:

VaultAPI 0.1.0

VaultAPI
Lightweight API to store/retrieve secrets to/from an encrypted Database

Platform Supported


Deployments








Kick off
Recommendations

Install python 3.10 or 3.11
Use a dedicated virtual environment

Install VaultAPI
python -m pip install vaultapi

Initiate - IDE
import vaultapi


if __name__ == '__main__':
vaultapi.start()

Initiate - CLI
vaultapi start


Use vaultapi --help for usage instructions.

Environment Variables

Sourcing environment variables from an env file

By default, VaultAPI will look for a .env file in the current working directory.


Mandatory

APIKEY - API Key for authentication.
SECRET - Secret access key to encode/decode the secrets in Datastore.

Optional (with defaults)

TRANSIT_KEY_LENGTH - AES key length for transit encryption. Defaults to 32
TRANSIT_TIME_BUCKET - Interval for which the transit epoch should remain constant. Defaults to 60
DATABASE - FilePath to store the secrets' database. Defaults to secrets.db
HOST - Hostname for the API server. Defaults to 0.0.0.0 [OR] localhost
PORT - Port number for the API server. Defaults to 9010
WORKERS - Number of workers for the uvicorn server. Defaults to 1
RATE_LIMIT - List of dictionaries with max_requests and seconds to apply as rate limit.
Defaults to 5req/2s [AND] 10req/30s

Optional (without defaults)

LOG_CONFIG - FilePath or dictionary of key-value pairs for log config.
ALLOWED_ORIGINS - Origins that are allowed to retrieve secrets.
ALLOWED_IP_RANGE - IP range that is allowed to retrieve secrets. (eg: 10.112.8.10-210)


Checkout decryptors for more information about decrypting the retrieved secret from the server.


Auto generate a SECRET value
This value will be used to encrypt/decrypt the secrets stored in the database.
CLI
vaultapi keygen

IDE
from cryptography.fernet import Fernet
print(Fernet.generate_key())


Coding Standards
Docstring format: Google
Styling conventions: PEP 8 and isort
Release Notes
Requirement
python -m pip install gitverse

Usage
gitverse-release reverse -f release_notes.rst -t 'Release Notes'

Linting
pre-commit will ensure linting, run pytest, generate runbook & release notes, and validate hyperlinks in ALL
markdown files (including Wiki pages)
Requirement
python -m pip install sphinx==5.1.1 pre-commit recommonmark

Usage
pre-commit run --all-files

Pypi Package

https://pypi.org/project/VaultAPI/
Docker Image

https://hub.docker.com/r/thevickypedia/vaultapi
Runbook

https://thevickypedia.github.io/VaultAPI/
License & copyright
© Vignesh Rao
Licensed under the MIT License