On Monday, April 14, 2014 6:41:34 AM UTC-5, Alex Harvey wrote:
>
> I was thinking about a situation like this -
>
> *) Puppet designer decides to place all credentials in a single database
> (encrypted Hiera).
> *) developers clone the version controlled copy of it all over the place,
> e.g. to
I was thinking about a situation like this -
*) Puppet designer decides to place all credentials in a single database
(encrypted Hiera).
*) developers clone the version controlled copy of it all over the place,
e.g. to their laptops, that random box that everyone logs into.
*) version controlled
We use hiera-eyaml... This let's us selectively encrypt keys (passwords)
and let everything else remain plaintext.
We use git and have very little concern as long as we keep our private key
secure.
We also publish our public key so others can encrypt sensitive data
themselves. Because we have sev
Hi all,
I'm pondering a design problem and would appreciate some advice:
A reason for externalising data in Hiera is often said to be so that
configuration data can be stored in a version control system, e.g.
http://puppetlabs.com/blog/first-look-installing-and-using-hiera
Meanwhile, the reason