https://github.com/escomputers/hc_vault

PoC - Django web app for fetching data from a list of Hashicorp Vault nodes/cluster and showing to the browser with bootstrap and adminlte.
https://github.com/escomputers/hc_vault

adminlte bootstrap django-application django-q hashicorp-vault javascript jquery monitoring-tool multiprocessing-library python webapp

Last synced: 9 months ago
JSON representation

PoC - Django web app for fetching data from a list of Hashicorp Vault nodes/cluster and showing to the browser with bootstrap and adminlte.

• Host: GitHub
• URL: https://github.com/escomputers/hc_vault
• Owner: escomputers
• License: apache-2.0
• Created: 2022-12-16T23:57:57.000Z (about 3 years ago)
• Default Branch: master
• Last Pushed: 2024-05-20T23:48:51.000Z (over 1 year ago)
• Last Synced: 2025-01-24T22:41:22.768Z (11 months ago)
• Topics: adminlte, bootstrap, django-application, django-q, hashicorp-vault, javascript, jquery, monitoring-tool, multiprocessing-library, python, webapp
• Language: HTML
• Homepage:
• Size: 4.11 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 5
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
### whoami

Django web app, with Django Q as multiprocessing task queue for fetching data from a list of Hashicorp Vault nodes/cluster and showing to the browser with bootstrap and adminlte.

This PoC is based on fetching Vault entities and get notified via email if a specific

threshold is being reached.

### pre-requisites

- Docker

- Vault nodes/cluster

- Python >= 3.9

### getting started

1. If you need some Vault nodes

```

python -m pip install -r dev-requirements.txt

python create_vault_cluster.py

```

This will create N Vault nodes (using Docker official image) with this config:

- Seal type: shamir

- Storage type: file (non HA)

- UI enabled

- TLS disabled

- Docker volume ```/vault/logs```, to use for writing persistent audit logs. By default nothing is written here; the file audit backend must be enabled with a path under this directory.

- Docker volume ```/vault/file```, to use for writing persistent storage data when using the file data storage plugin. By default nothing is written here.

Nodes are nitialized with default secret keyshares and key threshold of 1.

Each Vault will listen at ```http://0.0.0.0:```

where ```PORT``` will change based on the Vault node number, starting from 8200.

E.g. If 5 nodes are created, you have:

```

http://localhost:8200

http://localhost:8201

http://localhost:8202

http://localhost:8203

http://localhost:8204

```

Unseal keys and root tokens are within ```vault_data.txt```

NB: Vault nodes must be unsealed

2. Set env variables

```

DJANGO_SECRET_KEY

VAULT TOKEN

```

3. Django init

```

python -m pip install -r prod-requirements.txt

python manage.py makemigrations

python manage.py migrate

python manage.py createsuperuser

```

4. Create Django "superuser" group and assign user to it

5. Enable Django ORM

```

python manage.py createcachetable django_orm_cache_table

# uncomment in settings.py

"""

CACHES = {

    'default': {

        'BACKEND': 'django.core.cache.backends.db.DatabaseCache',

        'LOCATION': 'django_orm_cache_table',

    }

}

"""

```

6. Run

```

python manage.py runserver

python manage.py qcluster

```

7. Create scheduled job

login to http://127.0.0.1:8000/admin/django_q/schedule/

and set required parameters:

```

Name: 

Func: modules.vault.get_entities

Schedule Type: 

Cluster: VaultCrawler

```