infrastructure

mirror/infrastructure

Fork 0

mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-20 01:21:36 +02:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Evangelos Foutras	434763e19c	misc/vault-keyring-client.sh: explain flock usage Fixes: `511b6ca4e1` ("misc/vault-keyring-client.sh: add flock workaround")	2022-08-25 05:53:42 +03:00
Evangelos Foutras	511b6ca4e1	misc/vault-keyring-client.sh: add flock workaround Otherwise running terraform under tf-stage2 will often fail with: > ansible.errors.AnsibleError: Vault password client script > ../misc/vault-keyring-client.sh did not find a secret for > vault-id=default: b'gpg: decryption failed: No secret key\n'	2022-05-09 23:12:48 +03:00
Evangelos Foutras	b4d60ae2f6	Move highly sensitive secrets to new "super" vault The idea bebind this is to be able to give vault access to new DevOps members without giving away more important credentials like Hetzner's.	2022-05-07 17:45:19 +03:00

Evangelos Foutras

434763e19c

misc/vault-keyring-client.sh: explain flock usage

Fixes: 511b6ca4e1 ("misc/vault-keyring-client.sh: add flock workaround")

2022-08-25 05:53:42 +03:00

Evangelos Foutras

511b6ca4e1

misc/vault-keyring-client.sh: add flock workaround

Otherwise running terraform under tf-stage2 will often fail with:

> ansible.errors.AnsibleError: Vault password client script
> ../misc/vault-keyring-client.sh did not find a secret for
> vault-id=default: b'gpg: decryption failed: No secret key\n'

2022-05-09 23:12:48 +03:00

Evangelos Foutras

b4d60ae2f6

Move highly sensitive secrets to new "super" vault

The idea bebind this is to be able to give vault access to new DevOps
members without giving away more important credentials like Hetzner's.

2022-05-07 17:45:19 +03:00

3 Commits