Metadata-Version: 2.2
Name: VaultAPI
Version: 0.3.0
Summary: Lightweight API to store/retrieve secrets to/from an encrypted Database
Author-email: Vignesh Rao <svignesh1793@gmail.com>
License: MIT License
        
        Copyright (c) 2024 Vignesh Rao
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
        
Project-URL: Homepage, https://github.com/thevickypedia/VaultAPI
Project-URL: Docs, https://thevickypedia.github.io/VaultAPI
Project-URL: Source, https://github.com/thevickypedia/VaultAPI
Project-URL: Bug Tracker, https://github.com/thevickypedia/VaultAPI/issues
Project-URL: Release Notes, https://github.com/thevickypedia/VaultAPI/blob/main/release_notes.rst
Keywords: vaultapi,vault,fastapi,sqlite3,fernet
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Development Status :: 5 - Production/Stable
Classifier: Operating System :: MacOS :: MacOS X
Classifier: Operating System :: Microsoft :: Windows
Classifier: Operating System :: POSIX :: Linux
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: click==8.1.*
Requires-Dist: cryptography==44.0.*
Requires-Dist: fastapi==0.115.*
Requires-Dist: pydantic==2.10.*
Requires-Dist: pydantic-settings==2.7.*
Requires-Dist: python-dotenv==1.0.*
Requires-Dist: PyYAML==6.0.*
Requires-Dist: requests==2.32.*
Requires-Dist: uvicorn==0.34.*
Provides-Extra: dev
Requires-Dist: sphinx==5.1.1; extra == "dev"
Requires-Dist: pre-commit; extra == "dev"
Requires-Dist: recommonmark; extra == "dev"
Requires-Dist: gitverse; extra == "dev"

# VaultAPI
Lightweight API to store/retrieve secrets to/from an encrypted Database

![Python][label-pyversion]

**Platform Supported**

![Platform][label-platform]
![docker-image][image-size]

**Deployments**

[![docker][label-docker-build]][gha_docker]
[![pypi][label-actions-pypi]][gha_pypi]
[![docker_desc][label-docker-desc]][gha_docker_desc]

[![markdown][label-actions-markdown]][gha_md_valid]
[![pages][label-actions-pages]][gha_pages]

[![Pypi][label-pypi]][pypi]
[![Pypi-format][label-pypi-format]][pypi-files]
[![Pypi-status][label-pypi-status]][pypi]

## Kick off

**Recommendations**

- Install `python` [3.10] or [3.11]
- Use a dedicated [virtual environment]

**Install VaultAPI**
```shell
python -m pip install vaultapi
```

**Initiate - IDE**
```python
import vaultapi.server


if __name__ == '__main__':
    vaultapi.server.start()
```

**Initiate - CLI**
```shell
vaultapi start
```

> Use `vaultapi --help` for usage instructions.

## Environment Variables

<details>
<summary><strong>Sourcing environment variables from an env file</strong></summary>

> _By default, `VaultAPI` will look for a `.env` file in the current working directory._
</details>

**Mandatory**
- **APIKEY** - API Key for authentication.
- **SECRET** - Secret access key to encode/decode the secrets in Datastore.

**Optional (with defaults)**
- **TRANSIT_KEY_LENGTH** - AES key length for transit encryption. Defaults to `32`
- **TRANSIT_TIME_BUCKET** - Interval for which the transit epoch should remain constant. Defaults to `60`
- **DATABASE** - FilePath to store the secrets' database. Defaults to `secrets.db`
- **HOST** - Hostname for the API server. Defaults to `0.0.0.0` [OR] `localhost`
- **PORT** - Port number for the API server. Defaults to `9010`
- **WORKERS** - Number of workers for the uvicorn server. Defaults to `1`
- **RATE_LIMIT** - List of dictionaries with `max_requests` and `seconds` to apply as rate limit.
Defaults to 5req/2s [AND] 10req/30s
- **ALLOW_PUBLIC_IP** - Boolean flag to allow connections via public IP. Defaults to `false`
- **ALLOW_PRIVATE_IP** - Boolean flag to allow connections via private IP. Defaults to `false`
- **ALLOW_PRIVATE_IP_RANGE** - Boolean flag to allow connections via any private IP address _(`1-256`)_ within range. Defaults to `false`

**Optional (without defaults)**
- **LOG_CONFIG** - FilePath or dictionary of key-value pairs for log config.
- **ALLOWED_ORIGINS** - Origins that are allowed to retrieve secrets.
- **ALLOWED_IP_RANGE** - IP range that is allowed to retrieve secrets. _(eg: `10.112.8.10-210`)_

> Checkout [decryptors][decryptors] for more information about decrypting the retrieved secret from the server.

<details>
<summary>Auto generate a <code>SECRET</code> value</summary>

This value will be used to encrypt/decrypt the secrets stored in the database.

**CLI**
```shell
vaultapi keygen
```

**IDE**
```python
from cryptography.fernet import Fernet
print(Fernet.generate_key())
```
</details>

## Coding Standards
Docstring format: [`Google`][google-docs] <br>
Styling conventions: [`PEP 8`][pep8] and [`isort`][isort]

## [Release Notes][release-notes]
**Requirement**
```shell
python -m pip install gitverse
```

**Usage**
```shell
gitverse-release reverse -f release_notes.rst -t 'Release Notes'
```

## Linting
`pre-commit` will ensure linting, run pytest, generate runbook & release notes, and validate hyperlinks in ALL
markdown files (including Wiki pages)

**Requirement**
```shell
python -m pip install sphinx==5.1.1 pre-commit recommonmark
```

**Usage**
```shell
pre-commit run --all-files
```

## Pypi Package
[![pypi-module][label-pypi-package]][pypi-repo]

[https://pypi.org/project/VaultAPI/][pypi]

## Docker Image
[![made-with-docker-doc][label-docker-doc]][docker-doc]

[https://hub.docker.com/r/thevickypedia/vaultapi][docker]

## Runbook
[![made-with-sphinx-doc][label-sphinx-doc]][sphinx]

[https://thevickypedia.github.io/VaultAPI/][runbook]

## License & copyright

&copy; Vignesh Rao

Licensed under the [MIT License][license]

[label-actions-markdown]: https://github.com/thevickypedia/VaultAPI/actions/workflows/markdown.yaml/badge.svg
[label-docker-build]: https://github.com/thevickypedia/VaultAPI/actions/workflows/docker-publish.yaml/badge.svg
[label-docker-desc]: https://github.com/thevickypedia/VaultAPI/actions/workflows/docker-description.yaml/badge.svg
[label-pypi-package]: https://img.shields.io/badge/Pypi%20Package-VaultAPI-blue?style=for-the-badge&logo=Python
[label-sphinx-doc]: https://img.shields.io/badge/Made%20with-Sphinx-blue?style=for-the-badge&logo=Sphinx
[label-docker-doc]: https://img.shields.io/badge/Made%20with-Docker-blue?style=for-the-badge&logo=Docker
[label-pyversion]: https://img.shields.io/badge/python-3.10%20%7C%203.11-blue
[label-platform]: https://img.shields.io/badge/Platform-Linux|macOS|Windows-1f425f.svg
[label-actions-pages]: https://github.com/thevickypedia/VaultAPI/actions/workflows/pages/pages-build-deployment/badge.svg
[label-actions-pypi]: https://github.com/thevickypedia/VaultAPI/actions/workflows/python-publish.yaml/badge.svg
[label-pypi]: https://img.shields.io/pypi/v/VaultAPI
[label-pypi-format]: https://img.shields.io/pypi/format/VaultAPI
[label-pypi-status]: https://img.shields.io/pypi/status/VaultAPI

[3.10]: https://docs.python.org/3/whatsnew/3.10.html
[3.11]: https://docs.python.org/3/whatsnew/3.11.html
[virtual environment]: https://docs.python.org/3/tutorial/venv.html
[release-notes]: https://github.com/thevickypedia/VaultAPI/blob/main/release_notes.rst
[decryptors]: https://github.com/thevickypedia/VaultAPI/blob/main/decryptors
[gha_pages]: https://github.com/thevickypedia/VaultAPI/actions/workflows/pages/pages-build-deployment
[gha_docker]: https://github.com/thevickypedia/VaultAPI/actions/workflows/docker-publish.yaml
[gha_docker_desc]: https://github.com/thevickypedia/VaultAPI/actions/workflows/docker-description.yaml
[gha_pypi]: https://github.com/thevickypedia/VaultAPI/actions/workflows/python-publish.yaml
[gha_md_valid]: https://github.com/thevickypedia/VaultAPI/actions/workflows/markdown.yaml
[google-docs]: https://google.github.io/styleguide/pyguide.html#38-comments-and-docstrings
[pep8]: https://www.python.org/dev/peps/pep-0008/
[isort]: https://pycqa.github.io/isort/
[docker]: https://hub.docker.com/r/thevickypedia/vaultapi
[docker-doc]: https://docs.docker.com/
[sphinx]: https://www.sphinx-doc.org/en/master/man/sphinx-autogen.html
[image-size]: https://img.shields.io/docker/image-size/thevickypedia/vaultapi/latest
[pypi]: https://pypi.org/project/VaultAPI
[pypi-files]: https://pypi.org/project/VaultAPI/#files
[pypi-repo]: https://packaging.python.org/tutorials/packaging-projects/
[license]: https://github.com/thevickypedia/VaultAPI/blob/main/LICENSE
[runbook]: https://thevickypedia.github.io/VaultAPI/
