From 7eb2bf68d8bd25da711413e9af564f15370361b7 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Tue, 28 Mar 2023 22:52:10 +0200
Subject: [PATCH] home.switch-rack: use password for authentication

---
 nodes.py                    |  3 +++
 nodes/home.switch-rack.toml |  3 ++-
 scripts/passwords-for       | 11 ++++++++---
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/nodes.py b/nodes.py
index b9110ad..9be84b4 100644
--- a/nodes.py
+++ b/nodes.py
@@ -15,3 +15,6 @@ for node in Path(join(repo_path, "nodes")).rglob("*.py"):
 for name, data in nodes.items():
     data.setdefault('hostname', '.'.join(reversed(name.split('.'))) + '.kunbox.net')
     data.setdefault('metadata', {}).setdefault('hostname', '.'.join(reversed(name.split('.'))) + '.kunbox.net')
+
+    if 'password' in data:
+        data['password'] = vault.decrypt(data['password'])
diff --git a/nodes/home.switch-rack.toml b/nodes/home.switch-rack.toml
index 2f5dbda..1944e1e 100644
--- a/nodes/home.switch-rack.toml
+++ b/nodes/home.switch-rack.toml
@@ -1,5 +1,6 @@
 bundles = ["routeros"]
 hostname = "172.19.138.4"
+locking_node = "home.router"
 os = "routeros"
+password = "encrypt$gAAAAABkI1Eqsust7XuYFK2-FaRzXWM5fOXumhdi5fWNokLtM0CBAqVqc5zcg37XH_JIZvkhp3buKvswcvd_znaV3Rb8kKeJTs4_VJo6OsvbiWkujfT50HspoUXER0JSZSmeZts8a_2i"
 username = "admin"
-# TODO password
diff --git a/scripts/passwords-for b/scripts/passwords-for
index c12fa7b..10beb14 100755
--- a/scripts/passwords-for
+++ b/scripts/passwords-for
@@ -2,6 +2,7 @@
 from os import environ
 from sys import argv
 
+from bundlewrap.metagen import NodeMetadataProxy
 from bundlewrap.exceptions import FaultUnavailable
 from bundlewrap.repo import Repository
 from bundlewrap.utils import Fault
@@ -19,13 +20,17 @@ def print_faults(dictionary, keypath=[]):
             else:
                 if '\n' not in resolved_fault:
                     print('{}/{}: {}'.format('/'.join(keypath), key, value))
-        elif isinstance(value, dict):
+        elif isinstance(value, (list, set, tuple)):
+            print_faults(dict(enumerate(value)), keypath=keypath+[key])
+        elif isinstance(value, (dict, NodeMetadataProxy)):
             print_faults(value, keypath=keypath+[key])
 
-
 if len(argv) == 1:
     print('node name missing')
     exit(1)
 
 node = repo.get_node(argv[1])
-print_faults(node.metadata)
+print_faults({
+    'password': node.password,
+    'metadata': node.metadata,
+})