-
- Downloads
Remove the WG private keys from the vault and store them only on the servers
With the support for network.wireguard.* credentials[1] in systemd v256[2], we can now easily avoid storing the credentials centrally in our ansible vault, which is preferable as it makes the private keys less exposed. All the keys have been rotated and the new private keys are only stored on the servers. [1] https://github.com/systemd/systemd/pull/30826 [2] https://github.com/systemd/systemd/releases/tag/v256
parent
6d39c3c6
No related branches found
No related tags found
This commit is part of merge request !891. Comments created here will be created in the context of that merge request.
Showing
- docs/wireguard.md 1 addition, 1 deletiondocs/wireguard.md
- host_vars/accounts.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/accounts.archlinux.org/misc.yml
- host_vars/accounts.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/accounts.archlinux.org/vault_wireguard.yml
- host_vars/america.mirror.pkgbuild.com/misc.yml 1 addition, 1 deletionhost_vars/america.mirror.pkgbuild.com/misc.yml
- host_vars/america.mirror.pkgbuild.com/vault_wireguard.yml 0 additions, 9 deletionshost_vars/america.mirror.pkgbuild.com/vault_wireguard.yml
- host_vars/archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/archlinux.org/misc.yml
- host_vars/archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/archlinux.org/vault_wireguard.yml
- host_vars/asia.mirror.pkgbuild.com/misc.yml 1 addition, 1 deletionhost_vars/asia.mirror.pkgbuild.com/misc.yml
- host_vars/asia.mirror.pkgbuild.com/vault_wireguard.yml 0 additions, 9 deletionshost_vars/asia.mirror.pkgbuild.com/vault_wireguard.yml
- host_vars/aur.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/aur.archlinux.org/misc.yml
- host_vars/aur.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/aur.archlinux.org/vault_wireguard.yml
- host_vars/bbs.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/bbs.archlinux.org/misc.yml
- host_vars/bbs.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/bbs.archlinux.org/vault_wireguard.yml
- host_vars/bugbuddy.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/bugbuddy.archlinux.org/misc.yml
- host_vars/bugbuddy.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/bugbuddy.archlinux.org/vault_wireguard.yml
- host_vars/build.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/build.archlinux.org/misc.yml
- host_vars/build.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/build.archlinux.org/vault_wireguard.yml
- host_vars/dashboards.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/dashboards.archlinux.org/misc.yml
- host_vars/dashboards.archlinux.org/vault_wireguard.yml 0 additions, 9 deletionshost_vars/dashboards.archlinux.org/vault_wireguard.yml
- host_vars/debuginfod.archlinux.org/misc.yml 1 addition, 1 deletionhost_vars/debuginfod.archlinux.org/misc.yml
Please register or sign in to comment