search

Raku / problem-solving

🦋 Problem Solving, a repo for handling problems that require review, deliberation and possibly debate
Artistic License 2.0
70 stars 16 forks source link

perl6-infra: service: Password handling #30

Open rba opened 5 years ago

rba commented 5 years ago

Password handling

Category: run Attributes/tags: backuped

As many of the dns hostings are only a "single user" solution, we need a place to put the infrastructure passwords.

Proposed solution

I would give https://www.gopass.pw/ a try. Seems to be similar like https://www.passwordstore.org/ with some tweaks for multiple persons.

Options

Admins

AlexDaniel commented 5 years ago

A simple gpg encrypted txt file

That's exactly what pass does, and I believe gopass too. For example, you can edit these files with emacs or any other editor that can transparently decrypt/encrypt text files. Not quite sure how they make it work for multiple users though.

rba commented 5 years ago

I'm a long term 1Password user and I realised they offer free access to there team account for open source projects. https://github.com/1Password/1password-teams-open-source This would allow us to share passwords on a individual vault level. I will test it together with @maettu

I will have a look at the CLI https://support.1password.com/command-line-getting-started/ too, maybe this is helping us for automation. If not we can still put some secrets/tokens/passwords into gpg encrypted txt files or another command line tool.

For Linux users there are browser extensions for Chrome and Firefox: https://support.1password.com/explore/linux/

AlexDaniel commented 5 years ago

Seems like a good choice. That said:

For Linux users there are browser extensions for Chrome and Firefox

I have a feeling that the majority of devs are linux users. So there's a command line tool but no application for linux, is that right?

Kaiepi commented 5 years ago

Was worried for a minute *BSD wouldn't be supported, but looks like they are (along with Solaris!)

Edit: the command line tool, I mean

rba commented 5 years ago

I've started using 1Password for the perl6 infra stuff.

There are three vaults:

If you like to join the team-perl6, let me know in irc direct channel with "rba" and send me your email address. Everyone from the perl6 community is free to join.

rba commented 4 years ago

I've started using 1Password for the perl6 infra stuff.

There are three vaults:

  • perl6-everyone: In this vault everyone who joined the 1Password team-perl6 has automatically access. All passwords are seen by all team members.
  • perl6-infra-general: Vault for all the infra passwords, shared with a small group of people, who does infrastructure work.
  • perl6-infra-core: Vault with emergency access, passwords which are not used on a regular basis.

If you like to join the team-perl6, let me know in irc direct channel with "rba" and send me your email address. Everyone from the perl6 community is free to join.

I've started using 1Password for the raku infra stuff.

There are three vaults:

If you like to join the team-raku, let me know in irc direct channel with "rba" and send me your email address. Everyone from the raku community is free to join.