A personal password/token manager TUI for developers to generate various types of hash/salted secrets and store them in different cloud based vaults
Because managing tokens, pins used in various dummy/dev apps require them to be generated first, and store them somewhere, I personally used 3 sites to generate random API dummy tokens, store them in other site. It become a big mess, and I thought there has to be a simple way where I can generate passwords and Do It mYself hence PassDIY.
- Generation of strong secrets like pins, passwords, API tokens, passphrases
- Generate X multiple secrets at once and pick X and X password generation algorithms
- Hash tokens/passwords with Argon2Id and Bcrypt
- Salt tokens/passwords
- Copy passwords to clipboard
- Automatically config password/token lengths and other settings
- Hashicorp Vault integration to connect to secure vault and store generated secrets on cloud
- 1Password integration to connect to secure vault and store generated secrets on cloud
- Custom vaults support via extend package in passdiy to allow you to connect to your own cloud vaults via passDiy UI
- hcpvaultconnect automatically connect to hcp vault via service principle
- hcpvaultstore store secrets into the vault via name=value format
- hcpvaultlist list log details about token created at, created by details
- 1passstore store secrets into the vault via name|password|url format
- 1passwordlist list secret names for connected vault
Don't see a vault you use, but not supported by PassDIY? No worries! write your own vaults driver code in /extend within provided functions and set export USE_PASDIY_CUSTOM_VAULT=trueto connect PassDIY to your vault provider. Read /extend/README.md
To allow PassDIY to store and connect to your Hashicorp vault you must create a service principle with Vault Secrets App Manager permission. Also would need set below envs
export HCP_CLIENT_ID=<your-hcp-client-id>
export HCP_CLIENT_SECRET=<your-hcp-client-secret>
more detailed in ./Setup.md
To allow PassDIY to connect to your 1Password Vault you would need to set service principle anf the service account token
export OP_SERVICE_ACCOUNT_TOKEN=<your-service-account-token>
to config custom vaults that are not currently supported by Passdiy all you have to do is edit the interface.go file and define your custom implementation of the functions, then you set export USE_PASDIY_CUSTOM_VAULT=true and PassDIY will automatically interface the custom vault
package extend
var (
VAULT_PREFIX = "pref"
VAULT_MAIN_DESC = "Manage token/password on " + VAULT_PREFIX
VAULT_SUBCOMMAND_NAMES = []string{VAULT_PREFIX + "store", VAULT_PREFIX + "list"}
VAULT_SUBCOMMAND_DESC = []string{"store", "lists"}
VAULT_DISPLAY_COLOR = "#E2EAF4"
)
func ConnectUI() string {
return Connect()
}
func StoreUI(userInput string) string {
var parser string
return Create(userInput, parser)
}
func ListUI() string {
return List()
}If you have make installed, follow these steps to build, run, and install passdiy:
-
Build the project:
make build -
Run the application:
make run -
Install globally (optional):
sudo make install
You can then run it from anywhere with: passdiy
If you do not have make you can build and run it traditionally with:
go run .
You can uninstall passdiy with:
sudo make uninstall
- dynamically change config
- add more vaults possibly vercel/Azure key vault
- add more hashing algos