Home
DevCentral
Search
Configure Global Search
Log In
Transactions
T1411
Change Details
Change Details
Old
New
Diff
Pending Vault deployment, we can request Salt to use Zemke-Rhyne to fetch credentials. An example is at D1677: ```lang=python {% set db_username = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47 username') %} {% set db_password = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47') %} ``` Plan: - create the `/etc/zr/id_zr` key - provide a zr wrapper to run `zr getcredentials...` instead of the ssh call Nice to have but not in plan as long as we don't use ZR on a lot of servers: - upload `/etc/zr/id_zr` key to DevCentral (needs an arc command for that) - make zR `data/servers.json` a templated file to add our servers block and keys
Pending Vault deployment, we can request Salt to use Zemke-Rhyne to fetch credentials. An example is at D1677: ```lang=python {% set db_username = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47 username') %} {% set db_password = salt['cmd.run']('ssh -4 -i /etc/zr/id_zr zr@ysul.nasqueron.org getcredentials 47') %} ``` Plan: - create the `/etc/zr/id_zr` key - provide a zr wrapper to run `zr getcredentials...` instead of the ssh call Nice to have but not in plan as long as we don't use ZR on a lot of servers: - upload `/etc/zr/id_zr` key to DevCentral (needs an arc command for that) - make zR `data/servers.json` a templated file to add our servers block and keys
Continue