vault-recovery


Namevault-recovery JSON
Version 0.3 PyPI version JSON
download
home_pagehttps://github.com/fkantelberg/vault-recovery
SummaryTool for a disaster recovery of Odoo's vault module
upload_time2024-03-28 21:31:31
maintainerNone
docs_urlNone
authorFlorian Kantelberg
requires_python>=3.10
licenseMIT
keywords vault disaster recovery
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
![PyPI - Python Version](https://img.shields.io/pypi/pyversions/vault-recovery)
[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)

# vault-recovery

This tool provides utilities for a disaster recovery for the Odoo vault module from
database backups or formerly exported files. The backups need atleast the following
tables for the recovery:

- res_users
- res_users_key
- vault
- vault_entry
- vault_field
- vault_file
- vault_right

## Installation

```bash
$ pip3 install vault-recovery
```

## Security

Do not run the `recover` or `decrypt` mode on the server. This will compromise the
security design of the vault module.

## Usage

The tool supports different operation modes for specific purposes.

`vault info [...]` can be used to retrieve information from a postgres database about
available vaults. It can be used to get UUIDs of users and vaults with some additional
information. The UUIDs are used in other modes.

```bash
$ vault info -d odoo
User: admin [6cf47287-d791-44a0-b073-78659959ca3f]
  Fingerprint: 61:a7:70:73:75:06:61:ad:fc:0e:9a:3c:bd:99:a0:17:be:7f:35:5e:31:d0:80:e4:fd:cc:90:ac:be:5b:e8:82
  Vaults:
    Test Vault [cee24057-4318-46b8-b227-05ec687df64e]
```

`vault export [...]` can be used to export vaults from a database into `exported` files.
These files include everything from the database which is needed to recover the database
including the encrypted master key, private key, and entries.

```bash
$ vault export -d odoo --user 6cf47287-d791-44a0-b073-78659959ca3f > vaults.json
```

`vault recover [...]` can be used to recover the secrets from a vault. It can recover
from a database or from a previously exported `exported` file as the following example
shows. The data is put inside of the output directory as `raw`, `plain`, and
`encrypted` files.

```bash
$ vault recover -d odoo -i vaults.json --password --output ~/vaults
```

`vault encrypt [...]` can be used to protect `raw` files with password or passfiles.

```bash
$ vault encrypt -i raw.json --password > encrypted.json
```

`vault decrypt [...]` can be used to decrypt `encrypted` files.

```bash
$ vault decrypt -i encrypted.json --password -o ~/vaults > raw.json
```

## Files types

The tool outputs various JSON files for different purposes to store the data and to
allow splitting the process into steps. All files are structured as a dictionary
with a `type` key. The following types exists:

- `exported`: contains all information needed to recover vaults. They can be used
to recover the data on more secure environments.

- `plain`: contains the most information of a recovered vault. These files are
unencrypted.

- `raw`: contains unencrypted entries ready to be imported into a running vault

- `encrypted`: contains encrypted entries ready to be imported into a running vault

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/fkantelberg/vault-recovery",
    "name": "vault-recovery",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.10",
    "maintainer_email": null,
    "keywords": "vault disaster recovery",
    "author": "Florian Kantelberg",
    "author_email": "florian.kantelberg@mailbox.org",
    "download_url": null,
    "platform": null,
    "description": "[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n![PyPI - Python Version](https://img.shields.io/pypi/pyversions/vault-recovery)\n[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)\n\n# vault-recovery\n\nThis tool provides utilities for a disaster recovery for the Odoo vault module from\ndatabase backups or formerly exported files. The backups need atleast the following\ntables for the recovery:\n\n- res_users\n- res_users_key\n- vault\n- vault_entry\n- vault_field\n- vault_file\n- vault_right\n\n## Installation\n\n```bash\n$ pip3 install vault-recovery\n```\n\n## Security\n\nDo not run the `recover` or `decrypt` mode on the server. This will compromise the\nsecurity design of the vault module.\n\n## Usage\n\nThe tool supports different operation modes for specific purposes.\n\n`vault info [...]` can be used to retrieve information from a postgres database about\navailable vaults. It can be used to get UUIDs of users and vaults with some additional\ninformation. The UUIDs are used in other modes.\n\n```bash\n$ vault info -d odoo\nUser: admin [6cf47287-d791-44a0-b073-78659959ca3f]\n  Fingerprint: 61:a7:70:73:75:06:61:ad:fc:0e:9a:3c:bd:99:a0:17:be:7f:35:5e:31:d0:80:e4:fd:cc:90:ac:be:5b:e8:82\n  Vaults:\n    Test Vault [cee24057-4318-46b8-b227-05ec687df64e]\n```\n\n`vault export [...]` can be used to export vaults from a database into `exported` files.\nThese files include everything from the database which is needed to recover the database\nincluding the encrypted master key, private key, and entries.\n\n```bash\n$ vault export -d odoo --user 6cf47287-d791-44a0-b073-78659959ca3f > vaults.json\n```\n\n`vault recover [...]` can be used to recover the secrets from a vault. It can recover\nfrom a database or from a previously exported `exported` file as the following example\nshows. The data is put inside of the output directory as `raw`, `plain`, and\n`encrypted` files.\n\n```bash\n$ vault recover -d odoo -i vaults.json --password --output ~/vaults\n```\n\n`vault encrypt [...]` can be used to protect `raw` files with password or passfiles.\n\n```bash\n$ vault encrypt -i raw.json --password > encrypted.json\n```\n\n`vault decrypt [...]` can be used to decrypt `encrypted` files.\n\n```bash\n$ vault decrypt -i encrypted.json --password -o ~/vaults > raw.json\n```\n\n## Files types\n\nThe tool outputs various JSON files for different purposes to store the data and to\nallow splitting the process into steps. All files are structured as a dictionary\nwith a `type` key. The following types exists:\n\n- `exported`: contains all information needed to recover vaults. They can be used\nto recover the data on more secure environments.\n\n- `plain`: contains the most information of a recovered vault. These files are\nunencrypted.\n\n- `raw`: contains unencrypted entries ready to be imported into a running vault\n\n- `encrypted`: contains encrypted entries ready to be imported into a running vault\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Tool for a disaster recovery of Odoo's vault module",
    "version": "0.3",
    "project_urls": {
        "Homepage": "https://github.com/fkantelberg/vault-recovery"
    },
    "split_keywords": [
        "vault",
        "disaster",
        "recovery"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "dbe9b9ca7aba007708f7f192410810aad9c77f54bb1d8ec2c6a75319d975a49e",
                "md5": "26c1596905c68746e0f204694d716b49",
                "sha256": "421b97af47c095ba5f4eaa8f23216030c8543c06ff1d0f3bcf1a5c345e072fe0"
            },
            "downloads": -1,
            "filename": "vault_recovery-0.3-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "26c1596905c68746e0f204694d716b49",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.10",
            "size": 13677,
            "upload_time": "2024-03-28T21:31:31",
            "upload_time_iso_8601": "2024-03-28T21:31:31.598872Z",
            "url": "https://files.pythonhosted.org/packages/db/e9/b9ca7aba007708f7f192410810aad9c77f54bb1d8ec2c6a75319d975a49e/vault_recovery-0.3-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-03-28 21:31:31",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "fkantelberg",
    "github_project": "vault-recovery",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "lcname": "vault-recovery"
}
        
Elapsed time: 0.36429s