Newer
Older
Deployment Secrets
==================
Deploying PrivateStorageio requires certain secrets.
For the localdev grid these secrets are kept in this (public) directory.
This is intended to help make it as easy as possible to launch a local deployment.
It also serves as an example of what secrets are required for any other deployment.
You can find more information about some of these secrets in ``ops/generating-keys.rst``.
deploy_key
----------
This is an SSH private key which will be authorized to trigger a deployment update on the deployment hosts themselves.
The corresponding SSH public key is kept in the ``public-keys`` location.
grafana-admin.password
----------------------
This is the initial admin password for the Grafana web admin on the monitoring host.
stripe.secret
-------------
This is the Stripe secret key which the payment server uses to finalize payment processing using Stripe.
The corresponding Stripe public key is kept in the ``public-keys`` location.
ristretto.signing-key
---------------------
This is the Ristretto-group private key used by the ZKAP issuer.
monitoringvpn
-------------
This directory holds Wireguard private keys for each of the hosts so they can participate in the deployment VPN.
The corresponding public keys are kept in the ``public-keys`` location.
payments-localdev-ssl
---------------------
This secret is *only* present for the localdev grid.
This contains a TLS certificate and private key for the payment server.
Other deployments will automatically generate a key and obtain a certificate from Let's Encrypt.