Reorganize app/ and add script for secret management #29
3 changed files with 38 additions and 0 deletions
|
@ -82,6 +82,7 @@ alias bind_df="ssh \
|
||||||
-L 8500:127.0.0.1:8500 \
|
-L 8500:127.0.0.1:8500 \
|
||||||
-L 8082:traefik-admin.service.2.cluster.deuxfleurs.fr:8082 \
|
-L 8082:traefik-admin.service.2.cluster.deuxfleurs.fr:8082 \
|
||||||
-L 5432:psql-proxy.service.2.cluster.deuxfleurs.fr:5432 \
|
-L 5432:psql-proxy.service.2.cluster.deuxfleurs.fr:5432 \
|
||||||
|
-L 1389:bottin2.service.2.cluster.deuxfleurs.fr:389 \
|
||||||
<a server from the cluster>"
|
<a server from the cluster>"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,37 @@
|
||||||
|
## How to install `secretmgr`
|
||||||
|
|
||||||
|
How to install its dependencies:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# on fedora:
|
||||||
|
dnf install -y openldap-devel
|
||||||
|
# on ubuntu:
|
||||||
|
apt-get install -y libldap2-dev
|
||||||
|
|
||||||
|
# for eveyrone:
|
||||||
|
pip3 install --user --requirement requirements.txt
|
||||||
|
```
|
||||||
|
|
||||||
|
## How to use `secretmgr`
|
||||||
|
|
||||||
|
Check that all secrets are correctly deployed for app `dummy`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
./secretmgr.py check dummy
|
||||||
|
```
|
||||||
|
|
||||||
|
Generate secrets for app `dummy` if they don't already exist:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
./secretmgr.py gen dummy
|
||||||
|
```
|
||||||
|
|
||||||
|
Rotate secrets for app `dummy`, overwriting existing ones (be careful, this is dangerous!):
|
||||||
|
|
||||||
|
```bash
|
||||||
|
./secretmgr.py regen dummy
|
||||||
|
```
|
||||||
|
|
||||||
## How to upgrade our packaged apps to a new version?
|
## How to upgrade our packaged apps to a new version?
|
||||||
|
|
||||||
1. Edit `docker-compose.yml`
|
1. Edit `docker-compose.yml`
|
||||||
|
|
3
app/requirements.txt
Normal file
3
app/requirements.txt
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
python-consul==1.1.0
|
||||||
|
python-ldap==3.3.1
|
||||||
|
passlib==1.7.4
|
Reference in a new issue