feat(secrets): use docker secrets and make them rotateable #2
Loading…
Reference in New Issue
No description provided.
Delete Branch "secrets"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Solving #1
During the initialization the variables
AK_ADMIN_PASS
andAK_ADMIN_TOKEN
are passed directly instead of parsing thefile://
format.Therefore, I added the
abra.sh
commandset_admin_pass
, that changes the akadmin password and token from the secrets. This can also be used for secret rotation.Further I added the
rotate_db_pass
command to rotate the postgres password.Amazing! I think you probably wanna bump the recipe version as major on this one and perhaps adding some release notes e.g. https://docs.coopcloud.tech/maintainers/handbook/#how-do-i-write-version-release-notes for how others can migrate towards this new install.
@ -23,2 +23,4 @@
* `abra app new authentik --secrets`
* `abra app config <app-name>`
* `abra app secret insert <app_name> email_pass v1 <password>`
* `abra app secret generate -a authentik.dev.local-it.cloud`
abra app secret generate -a <domain>
LGTM! thanks for this amazing work :)
Done. I bumped the recipe version and added release notes.
Yeh @moritz, great stuff.
I leave you the honour of clicking the big green button in the sky.
Best get used to it 🙃