# figtion
.---.
.-. |~~~|
|~| |~~~|--.
.---!-| .--| C |--|
|===|*|--|%%| f | |
| |*|__| | g | |
|===|*|==| | | |
| |_|__| |~~~|__|
|===|~|--|%%|~~~|--|
`---^-^--^--^---`--' hjw
A simple configuration interface with plaintext and encrypted file support.
## Benefits
* seemless Python `dict` interface
* unified config definition and defaults
* YAML text file source for file-system input & serialization
* nested entries supported
* simple precedence
* `defaults` **keys** define config **keys**
* YAML **values** override `defaults` **values**
* secrets support
* secrets saved to private YAML file
* secrets encrypted at rest via environment variable
* update & mask from public YAML file
## Examples
### Config Definition and Defaults
import figtion
defaults = {'my server' : 'www.bestsite.web'
,'number of nodes' : 5
,'password' : 'huduyutakeme4'
,'nested stuff' : {'breakfast' : 'coffee'}
,'listed stuff' : ['a','b','c']}
cfg = figtion.Config(defaults=defaults,filepath='./conf.yml')
print(cfg['my server'])
This will print either '[_www.bestsite.web_](.)' or the value of 'my server' in `./conf.yml` if it is something else.
*defaults* strictly defines the schema. Only keys present in *defaults* from a serial file will be retained. If you want to risk unspecified input keys and load everything from the YAML file, you can either omit the *defaults* parameter or set `promiscuous=True` when constructing `Config`.
### Config Secrets
When you want a public config file and a separate secret one.
To keep secret encrypted "at rest", set a secret key environment variable *FIGKEY*.
os.environ["FIGKEY"] = "seepost-itnote"
cfg = figtion.Config(defaults=defaults,filepath='./conf.yml',secretpath='./creds.yml')
cfg.mask('password')
print(cfg['password'])
This will print the value of `'password'`, which is stored in `./creds.yml` and not `./conf.yml`. If the value of `'password'` is changed in either YAML file, the password will be updated in `./creds.yml` and masked from `./conf.yml` the next time the class is loaded in Python. If a secret key is present via environment variable *FIGKEY*, the values in `./creds.yml` will be encrypted using that key.
The dictionary object returned for `cfg` contains the true value.
If you want everything treated as secret, provide a `secretpath` and omit `filepath`:
cfg = figtion.Config(secretpath='./creds.yml')
In this case, no call to `mask` is needed and everything is encrypted at rest.
#### Encryption Details
This uses the *pynacl* bindings to the *libsodium* library, which uses [the XSalsa20 algorithm](https://libsodium.gitbook.io/doc/advanced/stream_ciphers/xsalsa20) for encryption. The encryption key provided by the *FIGKEY* environment variable is truncated to a 32-byte string.
## Roadmap
* 0.9 - secrets store in separate location
* 1.0 - secrets store in encrypted location
* 1.1 - defaults explicitly separate from custom configs
* 1.2 - automatic/dynamic reloading of YAML files
Raw data
{
"_id": null,
"home_page": "https://github.com/dactylroot/figtion",
"name": "figtion",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.5",
"maintainer_email": "",
"keywords": "configuration secret",
"author": "Cory Root",
"author_email": "dactylroot@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/97/aa/01ec88d53218904a4f0e7484fe232c5e30305166187324219ec336be2893/figtion-1.0.5.tar.gz",
"platform": null,
"description": "# figtion\n\n .---.\n .-. |~~~|\n |~| |~~~|--.\n .---!-| .--| C |--|\n |===|*|--|%%| f | |\n | |*|__| | g | |\n |===|*|==| | | |\n | |_|__| |~~~|__|\n |===|~|--|%%|~~~|--|\n `---^-^--^--^---`--' hjw\n\n\nA simple configuration interface with plaintext and encrypted file support.\n\n## Benefits\n\n * seemless Python `dict` interface\n * unified config definition and defaults\n * YAML text file source for file-system input & serialization\n * nested entries supported\n * simple precedence\n * `defaults` **keys** define config **keys**\n * YAML **values** override `defaults` **values**\n * secrets support\n * secrets saved to private YAML file\n * secrets encrypted at rest via environment variable\n * update & mask from public YAML file\n\n## Examples\n\n### Config Definition and Defaults\n\n import figtion\n\n defaults = {'my server' : 'www.bestsite.web'\n ,'number of nodes' : 5\n ,'password' : 'huduyutakeme4'\n ,'nested stuff' : {'breakfast' : 'coffee'}\n ,'listed stuff' : ['a','b','c']}\n\n cfg = figtion.Config(defaults=defaults,filepath='./conf.yml')\n\n print(cfg['my server']) \n\nThis will print either '[_www.bestsite.web_](.)' or the value of 'my server' in `./conf.yml` if it is something else.\n\n*defaults* strictly defines the schema. Only keys present in *defaults* from a serial file will be retained. If you want to risk unspecified input keys and load everything from the YAML file, you can either omit the *defaults* parameter or set `promiscuous=True` when constructing `Config`.\n\n### Config Secrets\n\nWhen you want a public config file and a separate secret one.\nTo keep secret encrypted \"at rest\", set a secret key environment variable *FIGKEY*.\n\n os.environ[\"FIGKEY\"] = \"seepost-itnote\"\n\n cfg = figtion.Config(defaults=defaults,filepath='./conf.yml',secretpath='./creds.yml')\n cfg.mask('password')\n\n print(cfg['password'])\n\nThis will print the value of `'password'`, which is stored in `./creds.yml` and not `./conf.yml`. If the value of `'password'` is changed in either YAML file, the password will be updated in `./creds.yml` and masked from `./conf.yml` the next time the class is loaded in Python. If a secret key is present via environment variable *FIGKEY*, the values in `./creds.yml` will be encrypted using that key.\nThe dictionary object returned for `cfg` contains the true value.\n\nIf you want everything treated as secret, provide a `secretpath` and omit `filepath`:\n\n cfg = figtion.Config(secretpath='./creds.yml')\n\nIn this case, no call to `mask` is needed and everything is encrypted at rest.\n\n#### Encryption Details\n\nThis uses the *pynacl* bindings to the *libsodium* library, which uses [the XSalsa20 algorithm](https://libsodium.gitbook.io/doc/advanced/stream_ciphers/xsalsa20) for encryption. The encryption key provided by the *FIGKEY* environment variable is truncated to a 32-byte string.\n\n## Roadmap\n\n * 0.9 - secrets store in separate location\n * 1.0 - secrets store in encrypted location\n * 1.1 - defaults explicitly separate from custom configs\n * 1.2 - automatic/dynamic reloading of YAML files\n\n\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "A simple configuration interface with plaintext and encrypted file support.",
"version": "1.0.5",
"split_keywords": [
"configuration",
"secret"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "62570bcbf79a013bc1948cf87d300773dfacda0803b775f6ea16241300e2e338",
"md5": "5f6c637bf4321ed4d6851420bfb93f6e",
"sha256": "82f153ec984a2146ed4a87b6a6d2c996d6ae8e203cb3a8ae899a74cb1af17ecc"
},
"downloads": -1,
"filename": "figtion-1.0.5-py3-none-any.whl",
"has_sig": false,
"md5_digest": "5f6c637bf4321ed4d6851420bfb93f6e",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.5",
"size": 7262,
"upload_time": "2023-01-30T18:58:41",
"upload_time_iso_8601": "2023-01-30T18:58:41.359021Z",
"url": "https://files.pythonhosted.org/packages/62/57/0bcbf79a013bc1948cf87d300773dfacda0803b775f6ea16241300e2e338/figtion-1.0.5-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "97aa01ec88d53218904a4f0e7484fe232c5e30305166187324219ec336be2893",
"md5": "4db281087ff487cb4a8770592b8ac288",
"sha256": "87c9a636c53a9a760de368b4ff538466a23db0a573f96511c11ea332aac68b38"
},
"downloads": -1,
"filename": "figtion-1.0.5.tar.gz",
"has_sig": false,
"md5_digest": "4db281087ff487cb4a8770592b8ac288",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 5904,
"upload_time": "2023-01-30T18:58:43",
"upload_time_iso_8601": "2023-01-30T18:58:43.173243Z",
"url": "https://files.pythonhosted.org/packages/97/aa/01ec88d53218904a4f0e7484fe232c5e30305166187324219ec336be2893/figtion-1.0.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-01-30 18:58:43",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "dactylroot",
"github_project": "figtion",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "figtion"
}