diff --git a/.project/project_cloud-rebuild/STATE.md b/.project/project_cloud-rebuild/STATE.md index c00b8cd5..799f2422 100644 --- a/.project/project_cloud-rebuild/STATE.md +++ b/.project/project_cloud-rebuild/STATE.md @@ -77,9 +77,10 @@ Zone `uvlava.com` + records under `ct.uvlava.com` (forge.ct/npm.ct/backend.ct/db --- ## Secrets / credentials -`~/.vault/`: `do-pat-ct.token`, `forge-admin-quinn.{password,api-token}`, `do-spaces-uvlava.{access,secret}`. +`~/.vault/`: `do-pat-ct.token`, `forge-admin-quinn.{password,api-token}`, `do-spaces-uvlava.{access,secret}`, `do-spaces-uvlava.restic-password` (for lilith-backups verdaccio repo). `~/.npmrc`: Verdaccio authToken for `134.199.243.61:4873`. DO PG app password: in droplet `/etc/pgbouncer/pgbouncer.ini`. vps-0 PG: `/etc/quinn-api/secrets.env` (`QUINN_DB_URL`). +On cocotte-forge: `/etc/lilith-backup/{access,secret,restic-password}` (0600 root) for the verdaccio restic backups. **Rotate everything black-era — those creds are gone/untrusted.** ## Gotchas