Throwing yet another idea out there. Ansible Vault allows encrypting yaml key value files and storing the encrypted file in git so that it can be shared and stored in source control.
Eric On Jun 27, 2017 5:37 AM, "Michael Moll" <[email protected]> wrote: > Hi, > > On Mon, Jun 26, 2017 at 01:31:32PM +0100, Greg Sutcliffe wrote: > > We don't have a mailserver for "*@theforeman.org" currently, and it's > > probably overkill to run one. My solution would be to register a new > > GMail account for infra stuff ([email protected] or similar) and use > > that for this kind of thing - does that work? > > While I don't like GMail, that sounds like a sensible way to go, lacking > the alternatives. > > > Then there's the matter of passwords - I don't want to be the only one > > who can access this stuff (really bad bus factor :P). It also needs to > > be easy to add/remove people who can see it. My thoughts turn to GPG - > > perhaps a simple private Gist of the the encrypted data, encrypted with > > all the keys of the people who are allowed to read it? That's easy to > > re-encrypt later if the list of people/keys changes. Or we could host > > the textfile somewhere (on the foreman.org?) I guess... > > In addition to pass, Ewoud already mentioned, I was recommended passbolt > (https://www.passbolt.com) and gopass (https://www.justwatch.com/gopass), > which is a rewrite of pass. > > Regards > -- > Michael Moll > > -- > You received this message because you are subscribed to the Google Groups > "foreman-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
