Skip to content
/ Antares Public

Antares is a tool to synchronize data between a KeePass file and a HashiCorp Vault Server.

License

MIT license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

be-ys-cloud/Antares

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
cmd
cmd
 
 
internal
internal
 
 
.gitignore
.gitignore
 
 
CONTRIBUTING
CONTRIBUTING
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
configuration.json
configuration.json
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Antares

Antares is a tool who can synchronize an HashiCorp Vault server, and a KeePass file.

In a nutshell, you can import your KeePass secrets to a Hashicorp Vault instance, and export Vault secrets to an offline Keepass.

Configuration

Arguments

The most of the configuration is made through CLI. When exporting, you must also provide a JSON file who will include the Vault paths you want to export.

Configuration arguments:

  • Mandatory:
    • -import or -export : Define the action you want to do. Import will import secrets from KeePass to Vault, export will export Vault secret to a new KeePass file.
    • -password=<your_password> : The password of your KeePass database. If you are exporting secrets, the KeePass file will be created with this password.
      • This argument can also be provided through ANTARES_KEEPASS_PASSWORD environment variable.
    • -vaultToken=<you_vault_token> : The Vault token corresponding to your account. You can get one by simply log-in into the Vault UI.
      • This argument can also be provided through ANTARES_VAULT_TOKEN environment variable.
    • -vaultServer=<your_vault_server> : The address of your Vault instance.
  • Optional :
    • -keepassFile=<path_to_your_keepass.kdbx> : The input/output KeePass location.
      • By default, this value is set to ./vault-keepass.kdbx
    • -configFile=<path_to_your_configuration_file.kdbx> : The configuration file, as described below.
      • By default, this value is set to ./configuration.json

Configuration File (export only)

The configuration file allows you to specify which paths of your Vault you want to export. If a secret ends with a /, the sub-secrets will also be retrieved.

For example:

[
  {
    "engine": "gitlab",
    "paths": [
      "/project1/",
      "/project2/secret"
    ]
  },
  {
    "engine": "home",
    "paths": [
      "/"
    ]
  }
]

With this configuration file, the tool will save in your KeePass:

  • All secrets in project1 folder in gitlab engine;
  • The specific secret named project2/secret in gitlab engine;
  • All secrets that will be find in home engine.

Build

  • go mod download
  • go build -o antares ./cmd
  • go run ./antares <your_arguments>

License

This project is released under MIT license.

About

Antares is a tool to synchronize data between a KeePass file and a HashiCorp Vault Server.

Topics

keepass hashicorp-vault

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

v1.0.0 Latest
Sep 7, 2022

Packages

No packages published

Languages