VaultService — encryption/decryption via Vault Transit engine

Key management:
- createKey(keyName, type): creates a Transit key (default aes256-gcm96)
- deleteKey(keyName): marks deletable + deletes
- updateKey(keyName, config): updates the config (rotation, export...)
- listKeys(): lists all Transit keys
- keyExists(keyName): checks whether a key exists
- checkOrCreateKey(keyName): creates the key if it does not exist

Encryption:
- encrypt(keyName, plaintext): encrypts with Transit, returns vault:v1:...
  Auto-creates the key if it does not exist
- decrypt(keyName, ciphertext): decrypts the Transit ciphertext

HTTP communication with X-Vault-Token, handling of 4xx/5xx errors.

Configuration:
- .env: VAULT_URL, VAULT_TOKEN (empty by default)
- .env.local: VAULT_URL=http://vault:8200, VAULT_TOKEN=crm_siteconseil
- ansible/vault.yml: vault_url=https://kms.esy-web.dev for prod
- Transit engine enabled on the dev Vault container

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
62 lines
3.7 KiB
YAML
cloudflare_api_token: cfk_wXHshV0AmOoKbWE19CIPoWJBeUCtSDUXo2mgkGuNe99eeac8
cloudflare_zone_id: f9e2a44aa512b455c99286d2ae845862
app_secret: 533326ee6417086112c42b1fc1843ff1db82b881988f87442118178ea4469cc2
mailer_dsn: ses+smtp://AKIAWTT2T22CWBRBBDYN:BBdgb6KxRQ8mNcpWFJsZCJxbSGNdgLhKFiITMErfBlQP@default?region=eu-west-3&timeout=120
stripe_pk: pk_live_51SUA1rP4ub49xK2ThoRH8efqGYNi1hrcWMzrqmDtJpMv12cmTzLa8ncJLUKLbOQNZTkm1jgptLfwt4hxEGqkVsHB00AK3ieZNl
stripe_sk: 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
stripe_webhook_secret: whsec_ivqY8C05aJ9mho2N3opJLriO2AuxIqOi
stripe_webhook_secret_connect: whsec_0sG9BPYDysxQst9W6FTp44GpwtO2F6WQ
smime_passphrase: 'EVz5zNV8h4ndSLOCWO9JeaQnIertQm7k'
meilisearch_api_key: b9b0994ee46d9826a4ac58306c171fdd00c03ac6f8ff6a68cdd8f9f977ab415a
meilisearch_master_key: 9e6a86cb9e9b09cdabf30a81e43bdb18892ee0d0ab478a16c50749b8f2ed83e4
db_password: 46eafec68e1e7bc8015790998a2e8ea8b5e31461479588b7
redis_password: 51f7559d1d14a6cf422628537fa562a94481936228e9291d
sonarqube_badge_token: sqb_dc1d0f73af1016295f49d1c56bf60e115e43bf48
keycloak_admin_client_secret: QqYnQc6p9aio4sBJYKNhpPsdrvpUtt2z
aws_pk: AKIAWTT2T22CWBRBBDYN
aws_secret: BBdgb6KxRQ8mNcpWFJsZCJxbSGNdgLhKFiITMErfBlQP
cloudflare_key: cfut_xqEEvg5LDezheCI9rWsd4JdfflvLH5vjmeMp7QHO442dd83b
mailcow_api_key: DF0E7E-0FD059-16226F-8ECFF1-E558B3
docuseal_api: pgAU116mCFmeF7WQSezHqxtZW8V1fgo31u5d2FXoaKe
docuseal_webhooks_secret: CRM_COSLAY
discord_webhook: https://discord.com/api/webhooks/1419573620602044518/ikAdxWxsrrTqMTb5Gh_8ylcoJHlOnq7aJZvR5udoS_fCK56Jk3qpEnJHVKdD8fwuNJF3
esymail_hostname: mail.esy-web.dev
vault_url: https://kms.esy-web.dev
vault_token: CHANGE_ME_IN_PROD
ovh_key: 34bc2c2eb416b67d
ovh_secret: 12239d273975b5ab53318907fb66d355
ovh_customer: 56c387eb9ca4b9a2de4d4d97fd3d7f22
smime_private_key: |
Bag Attributes
localKeyID: 75 15 E3 C2 1D 7B 61 75 99 B9 22 D8 FD A4 19 AC 6B BE 1F 8F
friendlyName: contact@siteconseil.fr
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
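Review bot: every credential in this file is committed in cleartext, including the `sk_live_`-prefixed `stripe_sk`, the `aws_pk`/`aws_secret` pair (repeated inside `mailer_dsn`), `db_password`, `redis_password`, and an `smime_private_key` whose PEM header is `BEGIN PRIVATE KEY`, so it is not passphrase-protected. The commit message names the file ansible/vault.yml, but an ansible-vault encrypted file starts with a `$ANSIBLE_VAULT;` header and this one is plain YAML. Encrypt the file with `ansible-vault encrypt` (or store the values in the Vault instance this commit wires up) before it reaches the repository, and rotate each value listed here, since removing it in a later commit leaves it in history. Separately, `vault_token: CHANGE_ME_IN_PROD` is a placeholder that will be deployed as-is unless something overrides it; have the playbook fail when the value is unchanged rather than relying on someone remembering to edit it.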