28 lines
1.3 KiB
Markdown
28 lines
1.3 KiB
Markdown
---
|
|
name: Cloudflare and OVH KMS Access
|
|
description: How to access Cloudflare API and OVH KMS secrets for infrastructure management
|
|
type: reference
|
|
originSessionId: 7a5d7140-8724-47d5-b862-13e66e2c0212
|
|
---
|
|
## Cloudflare API
|
|
- Global Key: cfk_PEbNE7Xq4ulKAHaENVHew3nTaabJGCdX0kKw7P8V5654f0d8 (header: X-Auth-Key + X-Auth-Email: meni@biton.pro)
|
|
- Provisioner Token: cfut_79EHtlXBHzkjVXnJI3gl8P9ONgG5DJ09ns5db6do21163b36 (header: Authorization: Bearer)
|
|
- Account ID: a182e69b048ebabb970ffd4e91cc741b
|
|
- Zone yohay.ai: 729e5afe1753f82f06c3416dc2e1aca0
|
|
- Tunnel 5060ihome: 117e8f06-753f-4ef7-8d58-b065a74a3ba0
|
|
- Access App *.yohay.ai: 46458e7d-dfb5-4f40-9c6b-9e1498e00bf2
|
|
|
|
## OVH KMS (CERT-STOR)
|
|
- KMS ID: 17212333-c57e-481e-a3d2-07d3ff1a192c
|
|
- Endpoint: https://eu-west-gra.okms.ovh.net
|
|
- Client cert+key on meni-office0-0001: ~/Downloads/d05a39c2-99c1-4f6f-8780-c7e32e683a53_{certificate,privatekey}.pem
|
|
- Secrets: cloudflare/global-api-key, cloudflare/provisioner-token, google/oauth, tailscale/api-key
|
|
|
|
## Google OAuth (for Cloudflare Access)
|
|
- Client ID: 768647841000-qhb3qc8j3kdiain55k1gsn96clltvhki.apps.googleusercontent.com
|
|
- Client Secret: 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
|
|
- IDP ID in CF Access: 6ce8a0ab-b3fd-4174-9d8b-87eacd2e2e97
|
|
|
|
## Tailscale
|
|
- Auth key (from KMS): tskey-auth-kotYEcX9f511CNTRL-5M77cSJPJ32LBA7dwq5w22zFLsvsyUim4
|