chore(secrets): remove committed dev plaintext from docker central nodes + loose login files (ScadaBridge G-4 T5)
This commit is contained in:
@@ -18,8 +18,7 @@
|
|||||||
"MinNrOfMembers": 1
|
"MinNrOfMembers": 1
|
||||||
},
|
},
|
||||||
"Database": {
|
"Database": {
|
||||||
"ConfigurationDb": "Server=scadabridge-mssql,1433;Database=ScadaBridgeConfig;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true",
|
"_comment": "ConfigurationDb/MachineDataDb (which carry the dev SQL password) are supplied as ScadaBridge__Database__* whole-key env overrides in docker/docker-compose.yml (dev-only-insecure, mirroring the ApiKeyPepper convention). The same dev password already ships committed for the sibling scadabridge-mssql container (infra/docker-compose.yml MSSQL_SA_PASSWORD) — this is consolidation, not new exposure. Env overrides layer over JSON before the ${secret:} expander runs, so the dev cluster boots with no KEK/secret store. Real/prod config uses ${secret:} tokens in src/.../appsettings.Central.json (T4)."
|
||||||
"MachineDataDb": "Server=scadabridge-mssql,1433;Database=ScadaBridgeMachineData;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
|
||||||
},
|
},
|
||||||
"Security": {
|
"Security": {
|
||||||
"Ldap": {
|
"Ldap": {
|
||||||
@@ -29,13 +28,13 @@
|
|||||||
"AllowInsecure": true,
|
"AllowInsecure": true,
|
||||||
"SearchBase": "dc=zb,dc=local",
|
"SearchBase": "dc=zb,dc=local",
|
||||||
"ServiceAccountDn": "cn=serviceaccount,dc=zb,dc=local",
|
"ServiceAccountDn": "cn=serviceaccount,dc=zb,dc=local",
|
||||||
"ServiceAccountPassword": "serviceaccount123"
|
"_comment_ServiceAccountPassword": "Supplied as ScadaBridge__Security__Ldap__ServiceAccountPassword env override in docker-compose.yml (dev-only-insecure)."
|
||||||
},
|
},
|
||||||
"Auth": {
|
"Auth": {
|
||||||
"DisableLogin": false,
|
"DisableLogin": false,
|
||||||
"User": "multi-role"
|
"User": "multi-role"
|
||||||
},
|
},
|
||||||
"JwtSigningKey": "scadabridge-dev-jwt-signing-key-must-be-at-least-32-characters-long",
|
"_comment_JwtSigningKey": "Supplied as ScadaBridge__Security__JwtSigningKey env override in docker-compose.yml (dev-only-insecure).",
|
||||||
"JwtExpiryMinutes": 15,
|
"JwtExpiryMinutes": 15,
|
||||||
"IdleTimeoutMinutes": 30,
|
"IdleTimeoutMinutes": 30,
|
||||||
"RequireHttpsCookie": false,
|
"RequireHttpsCookie": false,
|
||||||
|
|||||||
@@ -18,8 +18,7 @@
|
|||||||
"MinNrOfMembers": 1
|
"MinNrOfMembers": 1
|
||||||
},
|
},
|
||||||
"Database": {
|
"Database": {
|
||||||
"ConfigurationDb": "Server=scadabridge-mssql,1433;Database=ScadaBridgeConfig;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true",
|
"_comment": "ConfigurationDb/MachineDataDb (which carry the dev SQL password) are supplied as ScadaBridge__Database__* whole-key env overrides in docker/docker-compose.yml (dev-only-insecure, mirroring the ApiKeyPepper convention). The same dev password already ships committed for the sibling scadabridge-mssql container (infra/docker-compose.yml MSSQL_SA_PASSWORD) — this is consolidation, not new exposure. Env overrides layer over JSON before the ${secret:} expander runs, so the dev cluster boots with no KEK/secret store. Real/prod config uses ${secret:} tokens in src/.../appsettings.Central.json (T4)."
|
||||||
"MachineDataDb": "Server=scadabridge-mssql,1433;Database=ScadaBridgeMachineData;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
|
||||||
},
|
},
|
||||||
"Security": {
|
"Security": {
|
||||||
"Ldap": {
|
"Ldap": {
|
||||||
@@ -29,13 +28,13 @@
|
|||||||
"AllowInsecure": true,
|
"AllowInsecure": true,
|
||||||
"SearchBase": "dc=zb,dc=local",
|
"SearchBase": "dc=zb,dc=local",
|
||||||
"ServiceAccountDn": "cn=serviceaccount,dc=zb,dc=local",
|
"ServiceAccountDn": "cn=serviceaccount,dc=zb,dc=local",
|
||||||
"ServiceAccountPassword": "serviceaccount123"
|
"_comment_ServiceAccountPassword": "Supplied as ScadaBridge__Security__Ldap__ServiceAccountPassword env override in docker-compose.yml (dev-only-insecure)."
|
||||||
},
|
},
|
||||||
"Auth": {
|
"Auth": {
|
||||||
"DisableLogin": false,
|
"DisableLogin": false,
|
||||||
"User": "multi-role"
|
"User": "multi-role"
|
||||||
},
|
},
|
||||||
"JwtSigningKey": "scadabridge-dev-jwt-signing-key-must-be-at-least-32-characters-long",
|
"_comment_JwtSigningKey": "Supplied as ScadaBridge__Security__JwtSigningKey env override in docker-compose.yml (dev-only-insecure).",
|
||||||
"JwtExpiryMinutes": 15,
|
"JwtExpiryMinutes": 15,
|
||||||
"IdleTimeoutMinutes": 30,
|
"IdleTimeoutMinutes": 30,
|
||||||
"RequireHttpsCookie": false,
|
"RequireHttpsCookie": false,
|
||||||
|
|||||||
@@ -16,6 +16,17 @@ services:
|
|||||||
# out-of-band (env/secret store), never from source control — see
|
# out-of-band (env/secret store), never from source control — see
|
||||||
# docs/operations/inbound-api-key-reissue.md. Both Central nodes share one pepper.
|
# docs/operations/inbound-api-key-reissue.md. Both Central nodes share one pepper.
|
||||||
ScadaBridge__InboundApi__ApiKeyPepper: "dev-only-insecure-pepper-docker-cluster-0001"
|
ScadaBridge__InboundApi__ApiKeyPepper: "dev-only-insecure-pepper-docker-cluster-0001"
|
||||||
|
# DEV-ONLY local-cluster secrets — NOT real secrets. Relocated out of the mounted
|
||||||
|
# appsettings.Central.json (G-4 T5 secrets cleanup) so that app-config file carries no
|
||||||
|
# plaintext credentials. Env overrides layer over JSON BEFORE the ${secret:} pre-host
|
||||||
|
# expander runs, so the dev cluster boots with no KEK/secret store. The SQL password is
|
||||||
|
# the same value already committed for the sibling scadabridge-mssql container
|
||||||
|
# (infra/docker-compose.yml MSSQL_SA_PASSWORD) — consolidation, not new exposure. Real
|
||||||
|
# deployments use ${secret:} tokens (src/.../appsettings.Central.json) + a seeded store.
|
||||||
|
ScadaBridge__Database__ConfigurationDb: "Server=scadabridge-mssql,1433;Database=ScadaBridgeConfig;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
||||||
|
ScadaBridge__Database__MachineDataDb: "Server=scadabridge-mssql,1433;Database=ScadaBridgeMachineData;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
||||||
|
ScadaBridge__Security__Ldap__ServiceAccountPassword: "serviceaccount123"
|
||||||
|
ScadaBridge__Security__JwtSigningKey: "scadabridge-dev-jwt-signing-key-must-be-at-least-32-characters-long"
|
||||||
ports:
|
ports:
|
||||||
- "9001:5000" # Web UI + Inbound API
|
- "9001:5000" # Web UI + Inbound API
|
||||||
- "9011:8081" # Akka remoting (host access for CLI/debugging)
|
- "9011:8081" # Akka remoting (host access for CLI/debugging)
|
||||||
@@ -43,6 +54,17 @@ services:
|
|||||||
# out-of-band (env/secret store), never from source control — see
|
# out-of-band (env/secret store), never from source control — see
|
||||||
# docs/operations/inbound-api-key-reissue.md. Both Central nodes share one pepper.
|
# docs/operations/inbound-api-key-reissue.md. Both Central nodes share one pepper.
|
||||||
ScadaBridge__InboundApi__ApiKeyPepper: "dev-only-insecure-pepper-docker-cluster-0001"
|
ScadaBridge__InboundApi__ApiKeyPepper: "dev-only-insecure-pepper-docker-cluster-0001"
|
||||||
|
# DEV-ONLY local-cluster secrets — NOT real secrets. Relocated out of the mounted
|
||||||
|
# appsettings.Central.json (G-4 T5 secrets cleanup) so that app-config file carries no
|
||||||
|
# plaintext credentials. Env overrides layer over JSON BEFORE the ${secret:} pre-host
|
||||||
|
# expander runs, so the dev cluster boots with no KEK/secret store. The SQL password is
|
||||||
|
# the same value already committed for the sibling scadabridge-mssql container
|
||||||
|
# (infra/docker-compose.yml MSSQL_SA_PASSWORD) — consolidation, not new exposure. Real
|
||||||
|
# deployments use ${secret:} tokens (src/.../appsettings.Central.json) + a seeded store.
|
||||||
|
ScadaBridge__Database__ConfigurationDb: "Server=scadabridge-mssql,1433;Database=ScadaBridgeConfig;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
||||||
|
ScadaBridge__Database__MachineDataDb: "Server=scadabridge-mssql,1433;Database=ScadaBridgeMachineData;User Id=scadabridge_app;Password=ScadaBridge_Dev1#;TrustServerCertificate=true"
|
||||||
|
ScadaBridge__Security__Ldap__ServiceAccountPassword: "serviceaccount123"
|
||||||
|
ScadaBridge__Security__JwtSigningKey: "scadabridge-dev-jwt-signing-key-must-be-at-least-32-characters-long"
|
||||||
ports:
|
ports:
|
||||||
- "9002:5000" # Web UI + Inbound API
|
- "9002:5000" # Web UI + Inbound API
|
||||||
- "9012:8081" # Akka remoting
|
- "9012:8081" # Akka remoting
|
||||||
|
|||||||
Reference in New Issue
Block a user