aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-12-25 22:50:20 +0100
committerAlex Auvolat <alex@adnab.me>2022-12-25 22:50:20 +0100
commit3b7437619162551f281aa4c60621152f37a66b39 (patch)
treec464d9244a02226c27498d316ea7ce9fb7fdc584
parent8cee3b0043eda68d982e5359a0d009c83cbb85c4 (diff)
downloadnixcfg-3b7437619162551f281aa4c60621152f37a66b39.tar.gz
nixcfg-3b7437619162551f281aa4c60621152f37a66b39.zip
update drone secrets for rotation
-rw-r--r--cluster/prod/app/drone-ci/secrets.toml3
1 files changed, 2 insertions, 1 deletions
diff --git a/cluster/prod/app/drone-ci/secrets.toml b/cluster/prod/app/drone-ci/secrets.toml
index 5bd98d0..ac07926 100644
--- a/cluster/prod/app/drone-ci/secrets.toml
+++ b/cluster/prod/app/drone-ci/secrets.toml
@@ -2,8 +2,8 @@
[secrets."drone-ci/rpc_secret"]
type = 'command'
-rotate = true
command = 'openssl rand -hex 16'
+# don't rotate, it would break all runners
[secrets."drone-ci/cookie_secret"]
type = 'command'
@@ -13,6 +13,7 @@ command = 'openssl rand -hex 16'
[secrets."drone-ci/db_enc_secret"]
type = 'command'
command = 'openssl rand -hex 16'
+# don't rotate, it is used to encrypt data which we would lose if we change this
# Oauth config for gitea