A super simple secret manager for my home server deployment automation.
Can be deployed with docker
docker pull registry.gitlab.com/haondt/cicd/registry/gsm:latestThe following items must be configured:
JweSettings.EncryptionKey: 32-byte encryption key for encrypting api tokensJweSettings.SigningKey: (optional, default can be used as well) 32-byte signing key for signing api tokensGabbroSecretManagerPersistenceSettings.DatabasePath: path to sqlite db
See docker-compose.yml for an example setup.
Details:
- Api must be called with an api key as a bearer token
Endpoints:
GET-{server-url}/api/secrets- returns all secrets- also supports query items
name- filter the name of the secrettags- filter for secrets that contain all given tags
- e.g.
{server-url}/api/secrets?name=Foo&tags=bar&tags=baz
- also supports query items
GET-{server-url}/api/secret/{SECRET_ID}- returns a particular secretGET-{server-url}/api/export-data- gets all user data
