adphi/nexus-casc-terraform-example
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init

Browse Source 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
Adphi 2022-12-13 16:11:28 +01:00
commit e32c182728
Signed by: adphi
GPG Key ID: 46BE4062DB2397FF
13 changed files with 977 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
tmp/
.terraform
terraform.tfstate**
.idea

21
.terraform.lock.hcl Normal file
View File

@ -0,0 +1,21 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/null" {
version = "3.2.1"
hashes = [
"h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=",
"zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840",
"zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb",
"zh:63cff4de03af983175a7e37e52d4bd89d990be256b16b5c7f919aff5ad485aa5",
"zh:74cb22c6700e48486b7cabefa10b33b801dfcab56f1a6ac9b6624531f3d36ea3",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:79e553aff77f1cfa9012a2218b8238dd672ea5e1b2924775ac9ac24d2a75c238",
"zh:a1e06ddda0b5ac48f7e7c7d59e1ab5a4073bbcf876c73c0299e4610ed53859dc",
"zh:c37a97090f1a82222925d45d84483b2aa702ef7ab66532af6cbcfb567818b970",
"zh:e4453fbebf90c53ca3323a92e7ca0f9961427d2f0ce0d2b65523cc04d5d999c2",
"zh:e80a746921946d8b6761e77305b752ad188da60688cfd2059322875d363be5f5",
"zh:fbdb892d9822ed0e4cb60f2fedbdbb556e4da0d88d3b942ae963ed6ff091e48f",
"zh:fca01a623d90d0cad0843102f9b8b9fe0d3ff8244593bd817f126582b52dd694",
]
}

15
README.md Normal file
View File

@ -0,0 +1,15 @@
# Nexus with casc plugin example
```bash
git clone https://git.adphi.net/adphi/nexus-casc-terraform-example
cd nexus-casc-terraform-example
# edit variables to customize image / version, etc in main.tf
# terraform init
# terraform plan
# terraform apply
# or use the pre-build image (adphi/nexus3:3.41.1-casc)
docker-compose --project-directory test up
```

5
main.tf Normal file
View File

@ -0,0 +1,5 @@
module "nexus_image" {
source = "./modules/nexus_image"
nexus_image = "adphi/nexus3:3.41.1-casc"
nexus_version = "3.41.1"
}

27
modules/nexus_image/main.tf Normal file
View File

@ -0,0 +1,27 @@
locals {
tmp_dir = "${path.root}/tmp/nexus-casc-plugin"
}
resource "null_resource" "nexus_image" {
provisioner "local-exec" {
command = "mkdir -p ${local.tmp_dir}"
working_dir = path.root
}
provisioner "local-exec" {
command = "git clone ${var.nexus_repo_url} ${local.tmp_dir}"
working_dir = path.root
}
provisioner "local-exec" {
command = "git checkout v${var.nexus_version}-01.0"
working_dir = local.tmp_dir
}
provisioner "local-exec" {
command = "docker build --pull -t ${var.nexus_image} ${local.tmp_dir}"
}
provisioner "local-exec" {
command = "docker push ${var.nexus_image}"
}
provisioner "local-exec" {
command = "rm -rf ${local.tmp_dir}"
}
}

4
modules/nexus_image/output.tf Normal file
View File

@ -0,0 +1,4 @@
output "nexus_image" {
depends_on = [null_resource.nexus_image]
value = var.nexus_image
}

14
modules/nexus_image/variables.tf Normal file
View File

@ -0,0 +1,14 @@
variable "nexus_repo_url" {
type = string
default = "https://github.com/AdaptiveConsulting/nexus-casc-plugin"
}
variable nexus_version {
type = string
default = "3.41.1"
}
variable nexus_image {
type = string
default = "adphi/nexus3:3.41.1-casc"
}

802
test/default-nexus.yml Normal file
View File

@ -0,0 +1,802 @@
---
core:
baseUrl: ${BASE_URL:""}
userAgentCustomization: "CasC test"
connectionTimeout: 60
connectionRetryAttempts: 10
# httpProxy:
# host: proxy.internal.lan
# port: 3128
# username: nexus-user
# password: ${PROXY_PASSWORD}
# httpsProxy:
# host: proxy.internal.lan
# port: 3128
# username: nexus-user
# password: ${PROXY_PASSWORD}
# ntlmHost: dc.internal.lan
# ntlmDomain: internal.lan
# nonProxyHosts:
# - host1.internal.lan
# - host2.internal.lan
capabilities:
- type: analytics-configuration
enabled: false
- type: OutreachManagementCapability
enabled: false
security:
anonymousAccess: true
pruneUsers: true
realms:
- name: "DockerToken"
enabled: true
- name: "NpmToken"
enabled: true
- name: "NuGetApiKey"
enabled: true
privileges:
- id: system-repository-admin-docker-docker-proxy-update
enabled: true
name: system-repository-admin-docker-docker-proxy-update
description: Permit update to docker-proxy repository configuration
type: repository-admin
properties:
format: docker
repository: docker-proxy
actions: read,update
roles:
- id: ui-minimal
enabled: true
source: default
name: ui-minimal
description: "UI Minimal"
privileges:
- nx-healthcheck-read
- nx-search-read
- id: repository-read-docker-proxy
enabled: true
source: default
name: repository-read-docker-proxy
description: "Docker Anonymous Access for public proxy repository"
privileges:
- nx-repository-view-docker-docker-proxy-browse
- nx-repository-view-docker-docker-proxy-read
- id: repository-read-all
enabled: true
source: default
name: repository-read-all
description: "Read All permission for repositories"
privileges:
- nx-apikey-all
- nx-repository-view-*-*-browse
- nx-repository-view-*-*-read
- id: repository-write-all
enabled: true
source: default
name: repository-write-all
description: "Write All permission for repositories"
privileges:
- nx-apikey-all
- nx-repository-view-*-*-*
- id: repository-read-nodejs-dist
enabled: true
source: default
name: repository-read-nodejs-dist
description: "Read permission for NodeJS Dist repository"
privileges:
- nx-repository-view-raw-nodejs-dist-browse
- nx-repository-view-raw-nodejs-dist-read
- id: repository-read-cypress-dist
enabled: true
source: default
name: repository-read-cypress-dist
description: "Read permission for Cypress Download repository"
privileges:
- nx-repository-view-raw-cypress-dist-browse
- nx-repository-view-raw-cypress-dist-read
users:
- username: anonymous
firstName: Anonymous
lastName: User
password: anonymous
updateExistingPassword: false
email: anonymous@example.org
roles:
- source: "default"
role: ui-minimal
- source: "default"
role: repository-read-cypress-dist
- source: "default"
role: repository-read-docker-proxy
- source: "default"
role: repository-read-nodejs-dist
- username: johndoe
firstName: John
lastName: Doe
password: "${file:/run/secrets/password_johndoe}"
updateExistingPassword: true
email: johndoe@example.org
roles:
- source: "default"
role: nx-admin
- username: janedoe
firstName: Jane
lastName: Doe
password: changeme
updateExistingPassword: false
email: janedoe@example.org
roles:
- source: "default"
role: ui-minimal
- source: "default"
role: repository-write-all
repository:
pruneBlobStores: true
blobStores:
- name: apt
type: File
attributes:
file:
path: apt
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: docker
type: File
attributes:
file:
path: docker
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: golang
type: File
attributes:
file:
path: golang
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: maven
type: File
attributes:
file:
path: maven
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: npm
type: File
attributes:
file:
path: npm
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: nuget
type: File
attributes:
file:
path: nuget
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: raw
type: File
attributes:
file:
path: raw
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: rubygems
type: File
attributes:
file:
path: rubygems
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: pypi
type: File
attributes:
file:
path: pypi
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
- name: yum
type: File
attributes:
file:
path: yum
blobStoreQuotaConfig:
quotaLimitBytes: 10240000000
quotaType: spaceUsedQuota
pruneCleanupPolicies: true
cleanupPolicies:
- name: cleanup-everything
format: ALL_FORMATS
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-apt-proxy
format: apt
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-docker-proxy
format: docker
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-golang-proxy
format: go
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-maven-proxy
format: maven2
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-npm-proxy
format: npm
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-nuget-proxy
format: nuget
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-pypi-proxy
format: pypi
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-raw-proxy
format: raw
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-rubygems-proxy
format: rubygems
notes: ''
criteria:
lastDownloaded: 864000
- name: cleanup-yum-proxy
format: yum
notes: ''
criteria:
lastDownloaded: 864000
pruneRepositories: true
repositories:
# https://help.sonatype.com/repomanager3/formats/apt-repositories
- name: apt-hosted
online: true
recipeName: apt-hosted
attributes:
apt:
distribution: focal
aptSigning:
keypair: "${file:/run/secrets/gpg_key_example}"
passphrase: "${file:/run/secrets/gpg_passphrase_example}"
storage:
blobStoreName: apt
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
cleanup:
policyName:
- None
- name: apt-ubuntu
online: true
recipeName: apt-proxy
attributes:
apt:
distribution: focal
aptSigning:
keypair: "${file:/run/secrets/gpg_key_example}"
passphrase: "${file:/run/secrets/gpg_passphrase_example}"
proxy:
contentMaxAge: -1
remoteUrl: https://archive.ubuntu.com/ubuntu/
metadataMaxAge: 1440
storage:
blobStoreName: apt
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
cleanup:
policyName:
- cleanup-apt-proxy
- name: chromedriver-dist
online: true
recipeName: raw-proxy
attributes:
raw:
contentDisposition: ATTACHMENT
proxy:
remoteUrl: https://chromedriver.storage.googleapis.com/
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: raw
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-raw-proxy
- name: cypress-dist
online: true
recipeName: raw-proxy
attributes:
raw:
contentDisposition: ATTACHMENT
proxy:
remoteUrl: https://download.cypress.io/
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: raw
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-raw-proxy
# https://help.sonatype.com/repomanager3/formats/docker-registry
- name: docker-hosted
online: true
recipeName: docker-hosted
attributes:
docker:
forceBasicAuth: true # Do not permit anonymous access to this repository
v1Enabled: true
# httpPort: 8082 # Uncomment to activate
# httpsPort: 8083 # Requires Nexus Jetty be configured to use SSL Certificates
storage:
blobStoreName: docker
strictContentTypeValidation: true
writePolicy: ALLOW
cleanup:
policyName:
- None
- name: docker-proxy
online: true
recipeName: docker-proxy
attributes:
docker:
forceBasicAuth: false # Allow anonymous access
v1Enabled: true
proxy:
remoteUrl: https://registry-1.docker.io
contentMaxAge: -1.0
metadataMaxAge: 1440.0
dockerProxy:
indexType: HUB
cacheForeignLayers: true
foreignLayerUrlWhitelist:
- '.*'
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: docker
strictContentTypeValidation: true
routingRules:
routingRuleId: null
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-docker-proxy
- name: docker
online: true
recipeName: docker-group
attributes:
docker:
forceBasicAuth: false # Each repo uses its own setting
v1Enabled: true
storage:
blobStoreName: docker
strictContentTypeValidation: true
group:
memberNames:
- "docker-hosted"
- "docker-proxy"
# https://help.sonatype.com/repomanager3/formats/go-repositories
# GOPROXY should point to the _group_ repository URL
# golang requires anonymous access for this to work
- name: golang-gonexus-proxy
online: true
recipeName: go-proxy
attributes:
golang:
forceBasicAuth: false # Allow anonymous access
v1Enabled: true
proxy:
remoteUrl: https://gonexus.dev
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: golang
strictContentTypeValidation: true
routingRules:
routingRuleId: null
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-golang-proxy
- name: golang-group
online: true
recipeName: go-group
attributes:
golang:
forceBasicAuth: false # Each repo uses its own setting
v1Enabled: true
storage:
blobStoreName: golang
strictContentTypeValidation: true
group:
memberNames:
- "golang-gonexus-proxy"
# https://help.sonatype.com/repomanager3/formats/maven-repositories
- name: maven-snapshots
online: true
recipeName: maven2-hosted
attributes:
maven:
versionPolicy: SNAPSHOT
layoutPolicy: STRICT
storage:
writePolicy: ALLOW
strictContentTypeValidation: true
blobStoreName: maven
- name: maven-releases
online: true
recipeName: maven2-hosted
attributes:
maven:
versionPolicy: RELEASE
layoutPolicy: STRICT
storage:
writePolicy: ALLOW_ONCE
strictContentTypeValidation: true
blobStoreName: maven
- name: maven-central
online: true
recipeName: maven2-proxy
attributes:
proxy:
contentMaxAge: -1
remoteUrl: https://repo1.maven.org/maven2/
metadataMaxAge: 1440
negativeCache:
timeToLive: 1440
enabled: true
storage:
strictContentTypeValidation: false
blobStoreName: maven
httpclient:
connection:
blocked: false
autoBlock: true
maven:
versionPolicy: RELEASE
layoutPolicy: PERMISSIVE
cleanup:
policyName:
- cleanup-maven-proxy
- name: maven
online: true
recipeName: maven2-group
attributes:
maven:
versionPolicy: MIXED
group:
memberNames:
- "maven-snapshots"
- "maven-releases"
- "maven-central"
storage:
blobStoreName: maven
# https://help.sonatype.com/repomanager3/formats/npm-registry
- name: npm-hosted
online: true
recipeName: npm-hosted
attributes:
storage:
blobStoreName: npm
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
cleanup:
policyName:
- None
- name: npm-proxy
online: true
recipeName: npm-proxy
attributes:
proxy:
remoteUrl: https://registry.npmjs.org
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: npm
strictContentTypeValidation: true
routingRules:
routingRuleId: null
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-npm-proxy
- name: npm
online: true
recipeName: npm-group
attributes:
storage:
blobStoreName: npm
strictContentTypeValidation: true
group:
memberNames:
- "npm-proxy"
- "npm-hosted"
# NuGet Support: https://help.sonatype.com/repomanager3/formats/nuget-repositories
# v3 URLs must be used if v3 proxy is present
- name: nuget-proxy
online: true
recipeName: nuget-proxy
attributes:
proxy:
remoteUrl: https://api.nuget.org/v3/index.json
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: nuget
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-nuget-proxy
- name: nuget-hosted
online: true
recipeName: nuget-hosted
attributes:
storage:
blobStoreName: nuget
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
- name: nuget
online: true
recipeName: nuget-group
attributes:
storage:
blobStoreName: nuget
strictContentTypeValidation: true
group:
memberNames:
- "nuget-hosted"
- "nuget-proxy"
# https://help.sonatype.com/repomanager3/formats/pypi-repositories
- name: pypi-proxy
online: true
recipeName: pypi-proxy
attributes:
proxy:
remoteUrl: https://pypi.org/
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: pypi
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-pypi-proxy
- name: pypi-hosted
online: true
recipeName: pypi-hosted
attributes:
storage:
blobStoreName: pypi
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
- name: pypi-group
online: true
recipeName: pypi-group
attributes:
storage:
blobStoreName: pypi
strictContentTypeValidation: true
group:
memberNames:
- "pypi-hosted"
- "pypi-proxy"
# https://help.sonatype.com/repomanager3/formats/raw-repositories
- name: raw-hosted
online: true
recipeName: raw-hosted
attributes:
storage:
blobStoreName: raw
strictContentTypeValidation: true
writePolicy: ALLOW
cleanup:
policyName:
- None
# How to configure proprietary component - requires Nexus firewall
raw:
contentDisposition: ATTACHMENT # or inline
component:
proprietaryComponents: true
- name: nodejs-dist
online: true
recipeName: raw-proxy
attributes:
raw:
contentDisposition: ATTACHMENT
proxy:
remoteUrl: https://nodejs.org/dist/
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: raw
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-raw-proxy
# https://help.sonatype.com/repomanager3/formats/rubygems-repositories
- name: rubygems-proxy
online: true
recipeName: rubygems-proxy
attributes:
proxy:
remoteUrl: https://rubygems.org/
contentMaxAge: -1.0
metadataMaxAge: 1440.0
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
storage:
blobStoreName: rubygems
strictContentTypeValidation: true
negativeCache:
enabled: true
timeToLive: 1440.0
cleanup:
policyName:
- cleanup-rubygems-proxy
- name: rubygems-hosted
online: true
recipeName: rubygems-hosted
attributes:
storage:
blobStoreName: rubygems
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
- name: rubygems-group
online: true
recipeName: rubygems-group
attributes:
storage:
blobStoreName: rubygems
strictContentTypeValidation: true
group:
memberNames:
- "rubygems-hosted"
- "rubygems-proxy"
# https://help.sonatype.com/repomanager3/formats/yum-repositories
# Please read the documentation around repodataDepth
- name: yum-hosted
online: true
recipeName: yum-hosted
attributes:
yum:
repodataDepth: 3
deployPolicy: STRICT # PERMISSIVE for maven yum deployment
storage:
blobStoreName: yum
strictContentTypeValidation: true
writePolicy: ALLOW
cleanup:
policyName:
- None
- name: yum-centos
online: true
recipeName: yum-proxy
attributes:
yum:
repodataDepth: 3
deployPolicy: STRICT # PERMISSIVE for maven yum deployment
yumSigning:
keypair: "${file:/run/secrets/gpg_key_example}"
passphrase: "${file:/run/secrets/gpg_passphrase_example}"
httpclient:
blocked: false
autoBlock: true
connection:
useTrustStore: false
negativeCache:
enabled: true
timeToLive: 1440.0
proxy:
contentMaxAge: -1
remoteUrl: http://mirror.centos.org/centos/
metadataMaxAge: 1440
storage:
blobStoreName: yum
strictContentTypeValidation: true
writePolicy: ALLOW_ONCE
cleanup:
policyName:
- cleanup-yum-proxy
- name: yum-group
online: true
recipeName: yum-group
attributes:
group:
memberNames:
- yum-hosted
- yum-centos
yumSigning:
keypair: "${file:/run/secrets/gpg_key_example}"
passphrase: "${file:/run/secrets/gpg_passphrase_example}"
storage:
blobStoreName: yum
strictContentTypeValidation: true
cleanup:
policyName:
- cleanup-yum-proxy

29
test/docker-compose.yaml Normal file
View File

@ -0,0 +1,29 @@
version: '3.8'
services:
nexus:
image: 'adphi/nexus3:3.41.1-casc'
container_name: 'nexus'
user: 'nexus'
environment:
BASE_URL: 'http://localhost:8081'
NEXUS_SECURITY_RANDOMPASSWORD: 'false'
NEXUS_CASC_CONFIG: '/opt/nexus.yml'
# INSTALL4J_ADD_VM_PARAMS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=5005"
ports:
- 8081:8081
expose:
- 8081
volumes:
- './default-nexus.yml:/opt/nexus.yml:ro'
secrets:
- password_johndoe
- gpg_key_example
- gpg_passphrase_example
secrets:
password_johndoe:
file: ./password_johndoe
gpg_key_example:
file: ./gpg-example.key
gpg_passphrase_example:
file: ./gpg-example.passphrase

35
test/gpg-example.key Normal file
View File

@ -0,0 +1,35 @@
-----BEGIN PGP PRIVATE KEY BLOCK-----
lQIGBGBEBNcBBADN8jxtYqw4HKbqZqEG7syfeK7MtHH3maGqmHG83vsHCTOJa8+G
CdotqU5obGhKKLsgvKj/Gm6QJkUFQY5s7DjoddOnkxZVNLcJHhPTaXQMRrYTeBi4
25PiMajac3Y0ts/EMwh9ii/FVFAz+CIpGfhHEAWQNXZ77wQa9rav4imvSwARAQAB
/gcDAi/Ucb/jSoO2/8y1P6ayfZ9HKRIhkAmgtzOLjp9RJ247cGxpvU7v1fSt7FgX
IUTYosk4LAmj7tzx0VxP//9plMAakVoc0KnwOrybjOUxWTq5EBk9yh0MBzBzLeHG
89PqfojRC+1KBJCzl+0lJHSvt6lkJHllOTiBXLH2ofbWm2Kyb19tFRNf+RMTzQ1o
eVi66HHZgG37CDYS0lPm9YU3QDOFert/bcasqzInLON7zGG6NFth8hgK/HHMoCgT
RmdbV7V55cVAGRVa1utzuKY9JxovWKCwgCTzS50pd4B9T6xe8O7+DNapjutE/o3y
J/4x2Ae9S3A6V49ju7U6u8UVIdfaB6sWKifOqIvOc6m07NYbi5Nnz4ykrYeCqtli
+BKO5nKiRXdY4x2gDEV56DIA1f0fOCLjEKZdLodaA8Sp8iTGvVlGFcgHndISTKpk
WGDDExuJO1Ls9r7a9Z9PvOqZOE8cdib1/F18d3fl+XGdkf1CQ4D44W+0HUV4YW1w
bGUgPGV4YW1wbGVAZXhhbXBsZS5jb20+iM4EEwEKADgWIQQXa2yOr0SRmj4qjI+S
Eq/EdJf/IQUCYEQE1wIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCSEq/E
dJf/IcjBA/9z9n1BgmY1JBAEbLi7KxdY+YLE6xWq7tgg2vxwGemERGar89EDwmsr
NZCaJBURn95oVKdzQ6tabgmM/jm9lPhsMcMhMnzjUVfTQ2uE1liCJMzTcInxEWFD
WbxOgbI6OglZE4+2hpZPn/sZ2Gak/+HJy2/6tDCnnmzCnzPcYJxCeJ0CBgRgRATX
AQQAy9EPr/y4e1MDgL9LDATohmSXkCDobQeCmgI8+FY2c7cEq0LVwOPfUjDcBpBV
Pqdbg/VECNHklNUtevX1nnNdkX0cwYE4MJbx+bnNPx9QsvKoGbXmj2NmNJpWXhsZ
N/hJgwfyj407LDr6CrpSiMNpYb0QxKxtqWGwHQWjoY4TSHUAEQEAAf4HAwJgDoqE
Drn98v99ujzyo+2Vwmxd9+MBJlOaFD/LMLTmQekaUQZkTjk7jiOueNjRpFBJjpU5
bb+8XvsyRBmJ2MDyKs47sSLFcQz//d8mms39S2r+zWTBowC1s489SZK46gdhypcs
yziw6xdjcocRoAx5gMX1PHtnTT3jtXityjgimF2MbabQ6fu9IQ1bLIt9I0Z1iYsp
WPDF91WEEfxs1W+i0RKONrfcleRIUU9wnk/X83ABQPPWZocJhfEfLWnTO+oO4lBi
3wMyF0o64IjufLjC7QRmELU3QAMVnuqdCNOLfF8xCvlaTCUAiz20xq4vZEeQjVjn
iPiCw8UV08nGfITEVOffhxj9l11CUkI/DSrgbkeLSTybs++eC/iZElDik/kQvnEm
aHMkV+EMMUY/pmZGicz3pr5zEaqHTk1lu9qZYJcNWb9kNuw7ju1z8QDN8uXW7vTJ
SSEb/TGfZh/Wr85wNzRHBnPbmFzuFdsr++qz1W4k2W4tiLYEGAEKACAWIQQXa2yO
r0SRmj4qjI+SEq/EdJf/IQUCYEQE1wIbDAAKCRCSEq/EdJf/IQ+EBACO488Na08y
NQL8mBfBtcCnwTCe7kJNHi4Jw5xciiUPC4Fu4bODCqanHBJIlEwkkz8xWw/JRj//
D8qiZ0FqJ0EbXXx8sF4UmKkcTV9c0K/9pWUMsRjRgkD5nnUp2A+LPCZFlgQZMtvh
uARFigR4P8GJyJD/aLRYc0eJSD60gn3ywA==
=Kieb
-----END PGP PRIVATE KEY BLOCK-----

1
test/gpg-example.passphrase Normal file
View File

@ -0,0 +1 @@
admin123

19
test/gpg-example.pub Normal file
View File

@ -0,0 +1,19 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mI0EYEQE1wEEAM3yPG1irDgcpupmoQbuzJ94rsy0cfeZoaqYcbze+wcJM4lrz4YJ
2i2pTmhsaEoouyC8qP8abpAmRQVBjmzsOOh106eTFlU0twkeE9NpdAxGthN4GLjb
k+IxqNpzdjS2z8QzCH2KL8VUUDP4IikZ+EcQBZA1dnvvBBr2tq/iKa9LABEBAAG0
HUV4YW1wbGUgPGV4YW1wbGVAZXhhbXBsZS5jb20+iM4EEwEKADgWIQQXa2yOr0SR
mj4qjI+SEq/EdJf/IQUCYEQE1wIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK
CRCSEq/EdJf/IcjBA/9z9n1BgmY1JBAEbLi7KxdY+YLE6xWq7tgg2vxwGemERGar
89EDwmsrNZCaJBURn95oVKdzQ6tabgmM/jm9lPhsMcMhMnzjUVfTQ2uE1liCJMzT
cInxEWFDWbxOgbI6OglZE4+2hpZPn/sZ2Gak/+HJy2/6tDCnnmzCnzPcYJxCeLiN
BGBEBNcBBADL0Q+v/Lh7UwOAv0sMBOiGZJeQIOhtB4KaAjz4VjZztwSrQtXA499S
MNwGkFU+p1uD9UQI0eSU1S169fWec12RfRzBgTgwlvH5uc0/H1Cy8qgZteaPY2Y0
mlZeGxk3+EmDB/KPjTssOvoKulKIw2lhvRDErG2pYbAdBaOhjhNIdQARAQABiLYE
GAEKACAWIQQXa2yOr0SRmj4qjI+SEq/EdJf/IQUCYEQE1wIbDAAKCRCSEq/EdJf/
IQ+EBACO488Na08yNQL8mBfBtcCnwTCe7kJNHi4Jw5xciiUPC4Fu4bODCqanHBJI
lEwkkz8xWw/JRj//D8qiZ0FqJ0EbXXx8sF4UmKkcTV9c0K/9pWUMsRjRgkD5nnUp
2A+LPCZFlgQZMtvhuARFigR4P8GJyJD/aLRYc0eJSD60gn3ywA==
=Gdw2
-----END PGP PUBLIC KEY BLOCK-----

1
test/password_johndoe Normal file
View File

@ -0,0 +1 @@
admin123