austindebest/proxpanel
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
main
proxpanel/infra/deploy/SECRET_ROTATION_CHECKLIST.md

2.4 KiB
Raw Permalink Blame History

Secret Rotation Checklist (Production)

Target: my.votcloud.com
Host: 102.69.243.167

Scope

Rotate the following regularly (monthly/quarterly or after any incident):

  1. JWT_SECRET
  2. JWT_REFRESH_SECRET
  3. POSTGRES_PASSWORD
  4. ADMIN_PASSWORD

Recommended:

  1. BACKUP_ENCRYPTION_KEY (with controlled key migration plan)
  2. Proxmox API token secret
  3. Payment/webhook secrets

Enterprise hardening:

  1. Keep one grace window for webhook secret rotation (*_previous) to avoid dropped payment events during provider cutover.
  2. Validate new Proxmox token directly against /api2/json/version before applying it in panel settings.

Runbook (Safe Order)

  1. Create timestamped app/env/db backup.
  2. Rotate env secrets in .env.production.
  3. Apply DB password rotation (ALTER USER ... WITH PASSWORD ...).
  4. Restart app stack with new env.
  5. Re-seed admin (npm run prisma:seed) to sync rotated admin password.
  6. Revoke all active sessions (AuthSession) to invalidate old sessions.
  7. Verify:
    • GET /api/health
    • Admin login
    • Core pages (/rbac, /profile, /system, /audit-logs)
  8. Save secure summary with new admin credentials under /root/.

Automation Script

Use:

sudo bash /opt/proxpanel/infra/deploy/rotate-production-secrets.sh

Script guarantees:

  1. Backup directory created in /opt/proxpanel-backups/<timestamp>-secret-rotation/
  2. DB pre-rotation dump created
  3. Post-rotation health + login verified
  4. Summary written to /root/proxpanel-secret-rotation-<timestamp>.txt

For integration secrets (Proxmox + payment/webhook + alerting endpoints), use:

sudo bash /opt/proxpanel/infra/deploy/rotate-integration-secrets.sh \
  --proxmox-token-secret 'new_token_secret' \
  --paystack-secret 'new_paystack_secret' \
  --flutterwave-webhook-hash 'new_hash'

After external provider cutover is confirmed, clear grace secrets:

sudo bash /opt/proxpanel/infra/deploy/rotate-integration-secrets.sh \
  --finalize-payment-webhook-grace

Rollback Plan

If post-rotation checks fail:

  1. Restore .env.production from backup.
  2. Restore previous app files if needed.
  3. Restore DB dump if schema/state corruption occurred.
  4. Recreate containers:
    • docker compose --env-file .env.production -f infra/deploy/docker-compose.production.yml up -d --build

Audit Trail

Store:

  1. Rotation timestamp
  2. Operator identity
  3. Backup directory used
  4. Health verification evidence
  5. Any rollback events
Reference in New Issue View Git Blame Copy Permalink