Page MenuHomeDevCentral

Secrets to migrate from DevCentral to Vault
Open, LowPublic

Description

Here an inventory of secrets currently stored:

IDTitleDescriptionProposed action Status
K2Zemke-Rhyne SSH keyKey used to connect to zr@ysul.nasqueron.org to use arc commands Migrate
K17Ysul-Jails-ftp-jenksbakYsul ­— ftp. — Shell account for Jenks backup Destroy
K20Nasqueron ship on Zed - Kadira app secretValues for KADIRA_APP_ID and KADIRA_APP_SECRET environment variables Migrate
K21Nasqueron ship on Zed - MongoDBMongoDB 2.4 cartridge credentials for ship.nasqueron.org Migrate
K33stages@wolfplex.be mailbox passwordMailbox used for stages.wolfplex.be job board. Migrate
K34Wolfplex Stages admin passwordAdmin account for stages.wolfplex.be Migrate
K38Operations root account on DwellersPassword to allow from ops@dwellers to gain access to ops-root@dwellers through su ops-root. Transform into sudo policy
K40sandstorm.nasqueron.org root accessDigital Ocean droplet to test Sandstorm's root password (not used anymore) DestroyDestroyed
K45SendGrid API key for Zed applications Used by code.zed.dereckson.be Migrate
K47Database credentials for CachetDB_USERNAME/DB_PASSWORD for cachet container environment variables Migrate
K49jenkins-slave-php SSH keyJenkins SSH key to connect to Docker containers using the nasqueron/jenkins-slave-php image. Migrate
K52Drydock CI/CDConnect to Drydock hosts for CI and CD purposes. Investigate use
K53alken-orinalken-orin account on GitHub Migrate
K56Notifications center broker accessAccess to white-rabbit.nasqueron.org RabbitMQ instance for the Notifications center. Migrate
K57Alken-Orin's master SSH keySSH key for Alken-Orin GH/DevCentral accounts to interact with repositories Investigate use
K58Root password for uncle-slovius.nasqueron.orgJail to test Rocket Chat. See T714. Transform into sudo policyDestroyed
K61Sentry — PostgreSQLSentry PostgreSQL password Migrate
K62Sentry — Secret keySecret key for Sentry instances, to use as -e SENTRY_SECRET_KEY=... to run Docker containers. Migrate
K63SMTP credential for forum.nasqueron.orgsmtp.mailgun.org Migrate
K67Auth grove MySQL accessMySQL credentials for 'login' Docker container on Dwellers Migrate
K70AWS ConsoleAccess to the Amazon S3 account used for Vault (Chicken or the egg problem) Keep here

Actively used keys

Delete these keys must be done with the greatest care, as they would impede normal use:

  • Account passwords for humans:
  • Docker run scripts on Dwellers:
    • run-login K67
    • run-notifications K56
    • run-sentry* K61, K62
    • run-zedphab K45
  • Docker provisioning through rOPS:
    • cachet K47
    • Etherpad K125