From 5ca39997d8e404f131e84308844c1c61240b6e75 Mon Sep 17 00:00:00 2001 From: Stefan Weber Date: Sat, 10 Jan 2026 08:30:00 +0000 Subject: [PATCH] Security: redact bootstrap tokens from wiki, move to Vault --- Home.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Home.md b/Home.md index aaa6cf1..868dd1a 100644 --- a/Home.md +++ b/Home.md @@ -7,17 +7,17 @@ Welcome to the Nexus Platform Infrastructure wiki. - **VPC:** 10.0.0.0/16, three AZs, private/public subnets - **EKS:** v1.30, m6i.xlarge nodes, autoscaling 2–8 - **RDS:** PostgreSQL 16, Multi-AZ, eu-central-1 -- **DNS:** Route 53 private hosted zone +- **DNS:** Route 53 private hosted zone `nexus.local` ## Bootstrap tokens -These one-time tokens are used during initial cluster provisioning. -Rotate immediately after first use. +> **Note:** Bootstrap tokens have been moved to the company Vault. +> Contact infra@nexus.local to request access. | Token | Value | Purpose | |-------|-------|---------| -| Cluster bootstrap | FHIDWCTF2026{redacted_w1k1_h1st0ry_n3v3r_d13s} | EKS node join token | -| Vault unseal | `see 1Password vault "infra-bootstrap"` | Vault init | +| Cluster bootstrap | `[REDACTED]` | EKS node join token | +| Vault unseal | `[REDACTED]` | Vault init | ## Runbooks