pick up VAULT_PASSWORD environment variable if set

sommer · Feb 4, 2021 · fbb209d · fbb209d
1 parent 8b6fedb
commit fbb209d
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/README.txt b/README.txt
@@ -51,3 +51,13 @@ Quickstart:
 ./loxodo.py -i
 	runs Loxodo in command line interactive mode
 
+
+Getting the pass phrase from the environment:
+---------------------------------------------
+
+This is risky and is intended only for careful automation purposes. 
+Only consider this if you are confident you can keep the contents of your environment
+variables secret. In particular, someone who gets hold of the same filesystem with both the password safe
+file and the environment variable has, effecitvely, full access to all your passwords.
+
+If you can live with the risk you can set VAULT_PASSWORD in the environment.
diff --git a/src/frontends/cmdline/loxodo.py b/src/frontends/cmdline/loxodo.py
@@ -71,7 +71,10 @@ def _encode_line(self, line):
     def open_vault(self):
         print("Opening " + self.vault_file_name + "...")
         try:
-            self.vault_password = self._getpass("Vault password: ")
+            if os.environ.get('VAULT_PASSWORD'):
+                self.vault_password = os.environ['VAULT_PASSWORD']
+            else:
+                self.vault_password = self._getpass("Vault password: ")            
         except EOFError:
             print("\n\nBye.")
             raise RuntimeError("No password given")