XCP-ng

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Popular
    Log in to post
    • All categories
    • All Topics
    • New Topics
    • Watched Topics
    • Unreplied Topics
    • All Time
    • Day
    • Week
    • Month
    • F

      Installing portainer on xcp-ng
      Compute • • fred974

      7
      0
      Votes
      7
      Posts
      28
      Views

      F

      @olivierlambert Thank you. Hopefully someone can chip in

    • S

      Connecting xen to vault
      Xen Orchestra • • siemba

      5
      0
      Votes
      5
      Posts
      36
      Views

      S

      @olivierlambert its custom config, not any bug. Ill point it out what i mean below.

      I have standard ubuntu template -> I would like my vm to be already customize, when its created, because its faster and easier when everything is in one place -> So for that i have created cloud-init for eg.-> #cloud-config hostname: <hostname> package_update: true package_upgrade: true write_files: - path: /etc/ssl/certs/mydomain.crt content: | <certificate data> - path: /etc/ssl/private/mydomain.key content: | <private key data> runcmd: - apt-get update - DEBIAN_FRONTEND=noninteractive apt-get upgrade -y So my main problem is that this, particular cloud-init has fixed <certificate data> and <private key data>, that i would like to not be passed as a plain text, because it is a secret. To me its not done (for now) with best practices, but its very comfortable.

      So finally, i am wondering what is the best solution, for not putting secrets as a plain text, but rather keep them as a secret. I could create templates and later delete cloud-config with those data, but it would be more flexible, if there would be any chance to connect it to Hashicorp Vault or something that will dynamically fetch secrets.