Switched to HVAC Agent instead of connecting to the vault directly

2025-10-04 22:14:47 +02:00 · 2025-10-04 22:14:47 +02:00 · f67fd99333
commit f67fd99333
parent d356ec8428
1 changed files with 10 additions and 14 deletions
--- a/hvac_handler.py
+++ b/hvac_handler.py
@ -1,18 +1,14 @@
-import base64
 import hvac
+import base64
+import os

-
-client = hvac.Client(
-	url='http://127.0.0.1:8200',
-	token='root'
-)
+HVAC_AGENT_URL = os.getenv("HVAC_AGENT_URL","http://vault-agent:8201")
+client = hvac.Client(url=HVAC_AGENT_URL)

 def decrypt_token(ciphertext: str) -> str:
-	response = client.secrets.transit.decrypt_data(
-		name='push-tokens',
-		ciphertext=ciphertext
-	)
-	plaintext_b64 = response['data']['plaintext']
-	return base64.b64decode(plaintext_b64).decode()
-
-
+    response = client.secrets.transit.decrypt_data(
+        name="push-tokens",
+        ciphertext=ciphertext
+    )
+    plaintext_b64 = response["data"]["plaintext"]
+    return base64.b64decode(plaintext_b64).decode()