diff options
author | Alex Auvolat <alex@adnab.me> | 2022-12-25 22:50:20 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-12-25 22:50:20 +0100 |
commit | 3b7437619162551f281aa4c60621152f37a66b39 (patch) | |
tree | c464d9244a02226c27498d316ea7ce9fb7fdc584 | |
parent | 8cee3b0043eda68d982e5359a0d009c83cbb85c4 (diff) | |
download | nixcfg-3b7437619162551f281aa4c60621152f37a66b39.tar.gz nixcfg-3b7437619162551f281aa4c60621152f37a66b39.zip |
update drone secrets for rotation
-rw-r--r-- | cluster/prod/app/drone-ci/secrets.toml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/cluster/prod/app/drone-ci/secrets.toml b/cluster/prod/app/drone-ci/secrets.toml index 5bd98d0..ac07926 100644 --- a/cluster/prod/app/drone-ci/secrets.toml +++ b/cluster/prod/app/drone-ci/secrets.toml @@ -2,8 +2,8 @@ [secrets."drone-ci/rpc_secret"] type = 'command' -rotate = true command = 'openssl rand -hex 16' +# don't rotate, it would break all runners [secrets."drone-ci/cookie_secret"] type = 'command' @@ -13,6 +13,7 @@ command = 'openssl rand -hex 16' [secrets."drone-ci/db_enc_secret"] type = 'command' command = 'openssl rand -hex 16' +# don't rotate, it is used to encrypt data which we would lose if we change this # Oauth config for gitea |