From ce19c798e451e57036190f67c34a228c0cd993c9 Mon Sep 17 00:00:00 2001 From: Florian Sesser <florian@privatestorage.io> Date: Tue, 1 Jun 2021 21:04:29 +0000 Subject: [PATCH] Provide example secrets in local grid --- morph/README.rst | 4 ++++ morph/grid/local/.gitignore | 1 - morph/grid/local/secrets/monitoringvpn/172.23.23.11.key | 1 + morph/grid/local/secrets/monitoringvpn/172.23.23.11.pub | 1 + morph/grid/local/secrets/monitoringvpn/172.23.23.12.key | 1 + morph/grid/local/secrets/monitoringvpn/172.23.23.12.pub | 1 + morph/grid/local/secrets/monitoringvpn/172.23.23.13.key | 1 + morph/grid/local/secrets/monitoringvpn/172.23.23.13.pub | 1 + morph/grid/local/secrets/monitoringvpn/preshared.key | 1 + morph/grid/local/secrets/monitoringvpn/server.key | 1 + morph/grid/local/secrets/monitoringvpn/server.pub | 1 + morph/grid/local/secrets/ristretto.signing-key | 1 + morph/grid/local/secrets/stripe.secret | 1 + 13 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.11.key create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.11.pub create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.12.key create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.12.pub create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.13.key create mode 100644 morph/grid/local/secrets/monitoringvpn/172.23.23.13.pub create mode 100644 morph/grid/local/secrets/monitoringvpn/preshared.key create mode 100644 morph/grid/local/secrets/monitoringvpn/server.key create mode 100644 morph/grid/local/secrets/monitoringvpn/server.pub create mode 100644 morph/grid/local/secrets/ristretto.signing-key create mode 100644 morph/grid/local/secrets/stripe.secret diff --git a/morph/README.rst b/morph/README.rst index 1f48d5e0..12472518 100644 --- a/morph/README.rst +++ b/morph/README.rst @@ -55,6 +55,10 @@ This path is **ignored** by git. The intended workflow is that the secrets will be maintained on secure storage and a symlink to the correct location created here. This keeps the secrets themselves out of the git working tree as an extra protection against unintentionally committing them. +An exception is the ``secrets`` directory in the ``local`` morph grid: +That directory is fully populated, provided as an example, and mostly: not very secret. +Do not deploy these keys to machines reachable via the internet. + config.json ~~~~~~~~~~~ diff --git a/morph/grid/local/.gitignore b/morph/grid/local/.gitignore index 575bd4cc..8000dd9d 100644 --- a/morph/grid/local/.gitignore +++ b/morph/grid/local/.gitignore @@ -1,2 +1 @@ .vagrant -secrets diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.11.key b/morph/grid/local/secrets/monitoringvpn/172.23.23.11.key new file mode 100644 index 00000000..22f11b7b --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.11.key @@ -0,0 +1 @@ +cLP62YAYoA7FY+OhSLR64DIHekOjGGQlfJAWp5cYP00= diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.11.pub b/morph/grid/local/secrets/monitoringvpn/172.23.23.11.pub new file mode 100644 index 00000000..44c0d84b --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.11.pub @@ -0,0 +1 @@ +GYNjLkoyQ1d3OMymYbgq40WAHIUzrSEGBWXvxqceF00= diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.12.key b/morph/grid/local/secrets/monitoringvpn/172.23.23.12.key new file mode 100644 index 00000000..e717bf7e --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.12.key @@ -0,0 +1 @@ +qFjBtvJKBchzl2HwFvEDoe3zFzyc10osiRlP8HOk2n0= diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.12.pub b/morph/grid/local/secrets/monitoringvpn/172.23.23.12.pub new file mode 100644 index 00000000..18110f20 --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.12.pub @@ -0,0 +1 @@ +veio/0E0sJYOjwp3E8EccCyME1pqjkZr4R6whFMdrhs= diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.13.key b/morph/grid/local/secrets/monitoringvpn/172.23.23.13.key new file mode 100644 index 00000000..6dd5087e --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.13.key @@ -0,0 +1 @@ +8HlKTvxZBAZeww6JaNk9kBPjSfT0pVMbDJbzV67yUGE= diff --git a/morph/grid/local/secrets/monitoringvpn/172.23.23.13.pub b/morph/grid/local/secrets/monitoringvpn/172.23.23.13.pub new file mode 100644 index 00000000..d80b7abb --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/172.23.23.13.pub @@ -0,0 +1 @@ +4VlUMl9FubrLWaN0pRvfdNjjRBQzfCVLMA2lU7OwPzA= diff --git a/morph/grid/local/secrets/monitoringvpn/preshared.key b/morph/grid/local/secrets/monitoringvpn/preshared.key new file mode 100644 index 00000000..4389e805 --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/preshared.key @@ -0,0 +1 @@ +E7KTLVnWMmP/mIEkU8WX2DBZJaeMS2+sYArRZuGT1o4= diff --git a/morph/grid/local/secrets/monitoringvpn/server.key b/morph/grid/local/secrets/monitoringvpn/server.key new file mode 100644 index 00000000..01058684 --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/server.key @@ -0,0 +1 @@ +iOp2pk2HWyNgRnke7nJgFwodkTWMyHRIKwe8pk+bN3M= diff --git a/morph/grid/local/secrets/monitoringvpn/server.pub b/morph/grid/local/secrets/monitoringvpn/server.pub new file mode 100644 index 00000000..188c4b4c --- /dev/null +++ b/morph/grid/local/secrets/monitoringvpn/server.pub @@ -0,0 +1 @@ +ojo+p9ZE03GN66ewoIlrHmyV7ICt+2LV32Prs66JsA4= diff --git a/morph/grid/local/secrets/ristretto.signing-key b/morph/grid/local/secrets/ristretto.signing-key new file mode 100644 index 00000000..8726b706 --- /dev/null +++ b/morph/grid/local/secrets/ristretto.signing-key @@ -0,0 +1 @@ +NAQBkEEUKPDtq8af5anlHvWMjeSVoH56RnpCTy70QwA= \ No newline at end of file diff --git a/morph/grid/local/secrets/stripe.secret b/morph/grid/local/secrets/stripe.secret new file mode 100644 index 00000000..ebf3fdab --- /dev/null +++ b/morph/grid/local/secrets/stripe.secret @@ -0,0 +1 @@ +sk_test_Dr+XLVjkC0oO3Zw8Ws0yWtDLqR1sM+/fmw -- GitLab