-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathHow To Get Secrets
28 lines (20 loc) · 1.39 KB
/
How To Get Secrets
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
The SIP credentials and any keys or tokens for other systems access are required by
the DiallingServer. The website will run without them, but nothing else will work.
No credentials are in the Docker image.
This is to prevent shame from visiting all concerend.
The docker-compose.yml config provides for two bind mounts:
- ./mounts/www_ssh:/var/www/.ssh
- ./mounts/sip_pass:/var/www/.sip
The .ssh should have one pair of rsa identity files. It is used to connect to mtlxfb01.
Should this key pair be lost, recreate a standard ID_RSA and provide the .pub value
into the /home/xrecords/./ssh/authorized_keys file for user xrecords. It gets preceded
by the single shell instruction to run to provide a stream of meta concise records.
on mtlxfb01
authorized_keys entry make sure to end the key data with the www-data user info.
command="./SINGLEUSEKEY_get_craft.sh \"6473170010\" ALL CRAFT RECORDS",no-port-forwarding,
no-X11-forwarding,no-agent-forwarding ssh-rsa KEYDATA..KEYDATA [email protected]
The .sip should have six sip password files. They are used for the soft phone instances.
Should they be lost, VoiceOps can generate new passwords for the six testing SIP lines.
files named: pass_0006_dist_9101 -> pass_0011_dist_9106 with single password in each.
When we add in the functionaility to connect directly to the Metaswitch CFSs, their
passwords will be in a .meta directory.