Page MenuHomeDevCentral

Deploy Zemke-Rhyne on PaaS Docker
Closed, ResolvedPublic

Description

Pending Vault deployment, we can request Salt to use Zemke-Rhyne to fetch credentials.

An example is at D1677:

{% set db_username = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47 username') %}
{% set db_password = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47') %}

Plan:

  • create the /etc/zr/id_zr key
  • provide a zr wrapper to run zr getcredentials... instead of the ssh call

Nice to have but not in plan as long as we don't use ZR on a lot of servers:

  • upload /etc/zr/id_zr key to DevCentral (needs an arc command for that)
  • make zR data/servers.json a templated file to add our servers block and keys