Opened 15 years ago

Closed 15 years ago

#36 closed enhancement (fixed)

Don't store secrets in autoinstall's git repos

Reported by: adehnert Owned by:
Priority: minor Milestone: 1.0
Keywords: Cc:

Description

Right now, if you autoinstall Remit (#13), it'll store the DB password and Django SECRET_KEY in the git repo. This is sorta annoying, if you want to let somebody you only kinda trust clone the repo to modify things. We should grab the SQL config from ~/.my.cnf (see https://scripts.mit.edu:444/trac/ticket/57), and then we just need to write an unversioned file to get SECRET_KEY from.

Change History (1)

comment:1 Changed 15 years ago by adehnert

  • Resolution set to fixed
  • Status changed from new to closed

This is fixed.

From wizard/srv/remit/:

commit f6430e308297ed250022f5b1be3ee88f7d693f35
Author: Alex Dehnert <adehnert@mit.edu>
Date:   Wed May 26 17:37:34 2010 -0400

    Ignore remit/secrets/

commit 427f5151c6b2dbdd49f4916e7ae81dbfb9ff9d4a
Author: Alex Dehnert <adehnert@mit.edu>
Date:   Wed May 26 17:19:45 2010 -0400

    Get secrets from another file

commit 49caf5329731f2b53bfd800c1be18915c019a634
Author: Alex Dehnert <adehnert@mit.edu>
Date:   Wed May 26 17:04:29 2010 -0400

    Pull database info from a config file

From the autoinstaller code:

commit 4e86eff9627aefd2dba1852fe36a6559fd6c54d0
Author: Alex Dehnert <adehnert@mit.edu>
Date:   Wed May 26 17:27:09 2010 -0400

    Store the SECRET_KEY separately

[...]
commit fb38c8bad71bc4acbe502d75d80dc63c2a8ec304
Author: Alex Dehnert <adehnert@mit.edu>
Date:   Wed May 26 17:04:02 2010 -0400

    Pull database info from .my.cnf
Note: See TracTickets for help on using tickets.