changing secrets on a prod instance
I'm trying to sort how to properly change secrets of an already running setup. In particular I want to be able to change:
REST API user/password Hyperkitty API key Secret key
So far, after attempting to change REST API credentials I've got my setup failing on me.
Setup details: MM3 set up from maxking's docker images.
-- Sr System and DevOps Engineer SoM IRT
On 10/25/2017 11:59 PM, Dmitry Makovey wrote:
I'm trying to sort how to properly change secrets of an already running setup. In particular I want to be able to change:
REST API user/password Hyperkitty API key Secret key
So far, after attempting to change REST API credentials I've got my setup failing on me.
Setup details: MM3 set up from maxking's docker images. You have to be a little more specific regarding the errors you are facing. What files did you change? What settings did you change?
Generally speaking: The Rest api user/password need to be updated in Mailman core's settings and also in Django's settings
The Hyperkitty API key, is shared between Hyperkitty's (Django) settings and the archiver plugin in core
The secret key is just a variable for Django that it uses as a seed for some operations. Changing it, should'nt result in any failures. The only thing that can happen, is that you are logged out of your existing sessions.
On 10/25/2017 03:37 PM, Simon Hanna wrote:
On 10/25/2017 11:59 PM, Dmitry Makovey wrote:
I'm trying to sort how to properly change secrets of an already running setup. In particular I want to be able to change:
REST API user/password Hyperkitty API key Secret key
So far, after attempting to change REST API credentials I've got my setup failing on me.
Setup details: MM3 set up from maxking's docker images. You have to be a little more specific regarding the errors you are facing. What files did you change? What settings did you change?
as soon as I've changed REST API creds mailman-core started throwing errors about "Unauthorized" Rest requests.
Generally speaking: The Rest api user/password need to be updated in Mailman core's settings and also in Django's settings
in other words - no DB entries for it?
The Hyperkitty API key, is shared between Hyperkitty's (Django) settings and the archiver plugin in core
no DB as well?
The secret key is just a variable for Django that it uses as a seed for some operations. Changing it, should'nt result in any failures. The only thing that can happen, is that you are logged out of your existing sessions.
ok so reading all of the above I'm getting the impression that all those changes should be seamless. In other words I have to trace where am I not passing proper creds or where am I picking up default settings... thanks Simon.
-- Sr System and DevOps Engineer SoM IRT
On 10/25/2017 03:53 PM, Dmitry Makovey wrote:
as soon as I've changed REST API creds mailman-core started throwing errors about "Unauthorized" Rest requests.
You need to set them in mailman.cfg [webservice] admin_user: new value admin_pass: new_value
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Oct 25, 2017, at 19:46, Mark Sapiro <mark@msapiro.net> wrote:
On 10/25/2017 03:53 PM, Dmitry Makovey wrote:
as soon as I've changed REST API creds mailman-core started throwing errors about "Unauthorized" Rest requests.
You need to set them in mailman.cfg [webservice] admin_user: new value admin_pass: new_value
Also, don’t forget to restart Mailman after you’ve edited the config file.
-Barry
participants (4)
-
Barry Warsaw -
Dmitry Makovey -
Mark Sapiro -
Simon Hanna