Page MenuHomeDevCentral

Store credentials in Vault
Open, NormalPublic

Description

Currently, credentials are store in the registry, ie a table in database.

Let's move them to Vault.

Plan is:

  • create a Vault client in TCL, release it into tcllib or as standalone package if not possible
  • provide helper TCL commands specific to our eggdrop logic to help to connect and retrieve secret from apps/viperserv/
  • configure eggdrop to read approle credentials from a file provisioned through viperserv role in rOPS
  • move credentials to Vault
  • test it with active stuff (nickserv, MySQL, RabbitMQ)