System for storing secrets


Is this relevant?

Liberapay’s homepage says it uses it.

I’d vote for .


Vault is great for programmatic use, not so good for operational/day to day use (of course it can be pressed into service in that regard).

KeePass is a very solid choice, thick client version. I recommend staying away from anything web based (even hosted on a “server” you “control”), too many side channel and other attacks.

Let’s keep the discussion going.

(My qualification here is years of deep technical operations experience as a practitioner and manager, for everything from seed startups to global enterprise managing millions of customer records/transactions across 1 million + systems.)


@chreekat are you generally working/assigned on this secrets storage task? Anything I can help with? With that or otherwise with the website dev roadmap?

I was still just trying to come up with a plan, but I’m not working on it right now. Please suggest a plan if you have one. :slight_smile:

Also, see about getting merge rights to the project, if you don’t already have them. I can do that, or wolftune can. Then you can also merge patches into master. That would be useful I think.

@chreekat Hmm, I think the first step, for me, would be to make a full list of exactly which secret data we have, what and who needs manual and automatic access to it, and which stuff needs backups and how often. Possibly it would be enough to place the secrets behind an SSH server and use regular PostgreSQL database backups and duplicity/rsync for files. I mean, gather the precise requirements we have. Then we can assess the situation better and choose the solution.

There’s also the deployment thing but it depends on secrets storage, and Idk anything about nix, so leaving that to you for now.

I don’t have merge rights. Before I ask you (or @wolftune) for such a thing - would you like me to have merge rights? :stuck_out_tongue:

Getting off-topic, but I now (should have done a long time ago) marked you a “developer” (see, and I’m fine with trusting you with “master” if you want, otherwise, I or chreekat can do the final merges to the protected master branch while you now have permission for most other things.