docs(project-cloud-rebuild): record restic password location in vault + on-forge for Phase 0.2 backups

2026-06-28 14:53:28 -04:00 · 2026-06-28 14:53:28 -04:00 · cd9cb685f1
commit cd9cb685f1
parent 9f76273667
1 changed files with 2 additions and 1 deletions
--- a/.project/project_cloud-rebuild/STATE.md
+++ b/.project/project_cloud-rebuild/STATE.md
@ -77,9 +77,10 @@ Zone `uvlava.com` + records under `ct.uvlava.com` (forge.ct/npm.ct/backend.ct/db
 ---

 ## Secrets / credentials
-`~/.vault/`: `do-pat-ct.token`, `forge-admin-quinn.{password,api-token}`, `do-spaces-uvlava.{access,secret}`.
+`~/.vault/`: `do-pat-ct.token`, `forge-admin-quinn.{password,api-token}`, `do-spaces-uvlava.{access,secret}`, `do-spaces-uvlava.restic-password` (for lilith-backups verdaccio repo).
 `~/.npmrc`: Verdaccio authToken for `134.199.243.61:4873`.
 DO PG app password: in droplet `/etc/pgbouncer/pgbouncer.ini`. vps-0 PG: `/etc/quinn-api/secrets.env` (`QUINN_DB_URL`).
+On cocotte-forge: `/etc/lilith-backup/{access,secret,restic-password}` (0600 root) for the verdaccio restic backups.
 **Rotate everything black-era — those creds are gone/untrusted.**

 ## Gotchas