[tahoe-lafs-trac-stream] [Tahoe-LAFS] #4177: Manage shared secrets required to interact with the infrastructure
Tahoe-LAFS
trac at tahoe-lafs.org
Thu Jul 17 12:24:47 UTC 2025
#4177: Manage shared secrets required to interact with the infrastructure
------------------------------------+-----------------------
Reporter: btlogy | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: undecided
Component: dev-infrastructure | Version: n/a
Resolution: | Keywords:
Launchpad Bug: |
------------------------------------+-----------------------
Comment (by btlogy):
Similarly to this new [https://github.com/tahoe-lafs/infrastructure-pass
infrastructure-pass] repository, I've also added a `nix-shell` support for
SOPS (Secret OperationS) in the [https://github.com/tahoe-
lafs/infrastructure infrastructure] (as code) repository (see
[https://github.com/tahoe-lafs/infrastructure/pull/76 infrastructure#76]
Which will allow admins to use the same PGP keys in both repository:
- with `sops` to share the (self-hosted) "machines" secrets with other
admins in [https://github.com/tahoe-lafs/infrastructure infrastructure]
(e.g. ssh private key to upload backups to !BorgBase)
- with `pass` to share the (3rd parties) "providers" secrets with other
admins in [https://github.com/tahoe-lafs/infrastructure infrastructure-
pass] (e.g. password and totp for xxx-tahoe b users on !GitHub)
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4177#comment:4>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list