d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4eead3e53fecdb2b7e629bb9f56b22ff92c61d2e
proxmox/docs/04-configuration/SECRETS_QUICK_REFERENCE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

177 lines
4.6 KiB
Markdown
Raw Blame History

# Secrets Quick Reference
**Last Updated:** 2026-01-31
**Document Version:** 1.0
**Status:** Active Documentation
---
**Date:** 2025-01-27
**Purpose:** Quick lookup for all secrets and their locations
---
## 🔴 CRITICAL SECRETS (Immediate HSM Migration)
### Private Keys
```
PRIVATE_KEY (Deployer)
Locations:
- smom-dbis-138/.env
- no_five/.env
- loc_az_hci/smom-dbis-138/.env
- proxmox/smom-dbis-138/services/*/.env
- docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md
Value: 0x5373d11ee2cad4ed82b9208526a8c358839cbfe325919fb250f062a25153d1c8
Address: 0x4A666F96fC8764181194447A7dFdb7d471b301C8
PRIVATE_KEY (237-combo)
Location: 237-combo/.env
Value: 5e72443d6f357af402859433b115f5b7394786b2624a7cd7e670256a2467bd14
```
### Cloudflare API Tokens
```
CLOUDFLARE_API_TOKEN
Locations:
- loc_az_hci/smom-dbis-138/.env: CWNCvhFa0EgXsazoUrJyv1CS-ORoiMmgvM0zm47N
- scripts/fix-certbot-dns-propagation.sh: JSEO_sruWB6lf1id77gtI7HOLVdhkhaR2goPEJIk
CLOUDFLARE_API_KEY
Locations:
- proxmox/.env: 65d8f07ebb3f0454fdc4e854b6ada13fba0f0
- loc_az_hci/.env: x2Kgfb7OI8OEu7SUeUSyLIgVFmvXFd6zV_5ZwGcW
CLOUDFLARE_TUNNEL_TOKEN
Locations:
- proxmox/.env: sRwHkwQO5HfD6aK0ZzdV8XHsAyG_DLe_KCjv2bRP
- scripts/install-shared-tunnel-token.sh: eyJhIjoiNTJhZDU3YTcxNjcxYzVmYzAwOWVkZjA3NDQ2NTgxOTYiLCJ0IjoiMTBhYjIyZGEtOGVhMy00ZTJlLWE4OTYtMjdlY2UyMjExYTA1IiwicyI6IlptRXlOMkkyTVRrdE1EZzFNeTAwTkRBNExXSXhaalF0Wm1KaE5XVmpaVEEzTVdGbCJ9
CLOUDFLARE_ORIGIN_CA_KEY
Location: proxmox/.env
Value: v1.0-e7109fbbe03bfeb201570275-231a7ddf5c59799f68b0a0a73a3e17d72177325bb60e4b2c295896f9fe9c296dc32a5881a7d23859934d508b4f41f1d86408e103012b44b0b057bb857b0168554be4dc215923c043bd
```
### NPM Passwords
```
NPM_PASSWORD
Locations:
- proxmox/.env: L@ker$2010
- scripts/create-npmplus-proxy.sh: ce8219e321e1cd97bd590fb792d3caeb7e2e3b94ca7e20124acaf253f911ff72
- scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh: ce8219e321e1cd97bd590fb792d3caeb7e2e3b94ca7e20124acaf253f911ff72
NPM_EMAIL
Locations:
- proxmox/.env: nsatoshi2007@hotmail.com
- scripts: admin@example.org
```
---
## ⚠️ HIGH PRIORITY SECRETS
### Database Credentials
```
DATABASE_URL
Location: dbis_core/.env
Format: postgresql://user:password@host:port/database
```
### UniFi/Omada
```
UNIFI_API_KEY
Location: docs/04-configuration/UDM_PRO_API_LIMITATIONS.md
Value: _6WXEiH2tMDkrO3jKc54SKa53fHZE-Wg
UNIFI_PASSWORD
Location: Multiple docs
Value: L@kers2010$$
```
---
## 📋 ALL SECRET LOCATIONS
### .env Files with Secrets
```
./proxmox/.env
./proxmox/smom-dbis-138/.env
./proxmox/smom-dbis-138/services/relay/.env
./proxmox/smom-dbis-138/services/state-anchoring-service/.env
./proxmox/smom-dbis-138/services/transaction-mirroring-service/.env
./loc_az_hci/.env
./loc_az_hci/smom-dbis-138/.env
./smom-dbis-138/.env
./no_five/.env
./237-combo/.env
./dbis_core/.env
```
### Scripts with Hardcoded Secrets
```
./proxmox/scripts/install-shared-tunnel-token.sh
./proxmox/scripts/fix-certbot-dns-propagation.sh
./proxmox/scripts/obtain-all-ssl-certificates.sh
./proxmox/scripts/configure-all-cloudflare-dns.sh
./proxmox/scripts/test-cloudflare-permissions.sh
./proxmox/smom-dbis-138/frontend-dapp/create-npmplus-proxy.sh
./proxmox/scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh
./proxmox/scripts/nginx-proxy-manager/delete-sankofa-proxy-hosts.sh
```
### Documentation with Secrets
```
./proxmox/docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md
./proxmox/docs/06-besu/T1_2_CREDENTIALS_STATUS.md
./proxmox/docs/04-configuration/UDM_PRO_API_LIMITATIONS.md
./proxmox/docs/04-configuration/NGINX_PROXY_MANAGER_COMPLETE_SETUP.md
```
---
## 🔐 HSM VAULT PATHS (Proposed)
```
secret/blockchain/private-keys/deployer
secret/blockchain/private-keys/237-combo
secret/cloudflare/api-tokens/main
secret/cloudflare/api-tokens/certbot
secret/cloudflare/tunnel-tokens/shared
secret/cloudflare/origin-ca/main
secret/infrastructure/npm/password
secret/infrastructure/npm/email
secret/infrastructure/unifi/api-key
secret/infrastructure/unifi/password
secret/databases/postgres/main
secret/services/jwt/main
```
---
## ⚡ QUICK ACTIONS
### Verify .gitignore
```bash
grep -r "\.env" .gitignore
grep -r "\.env\.backup" .gitignore
```
### Find All .env Files
```bash
find . -name ".env" ! -name "*.example" ! -path "*/node_modules/*"
```
### Find Hardcoded Secrets in Scripts
```bash
grep -rE "(PASSWORD|SECRET|API_KEY|TOKEN|PRIVATE_KEY)\s*=" --include="*.sh" --include="*.js" --include="*.ts"
```
### Check for Secrets in Git History
```bash
git log --all --full-history --source -- "*/.env"
```
---
**See [MASTER_SECRETS_INVENTORY.md](MASTER_SECRETS_INVENTORY.md) for complete details.**
Reference in New Issue View Git Blame Copy Permalink