Security: Remove exposed tokens and credentials

2026-03-15 03:39:41 +00:00
parent a2623a5683
commit 9bbf657ea9
7 changed files with 9 additions and 9 deletions
--- a/README.md
+++ b/README.md
@@ -73,7 +73,7 @@ sudo nixos-rebuild switch
 |-----------|--------|
 | Serveur | `headscale.du-senegal.com` |
 | Fallback | `141.94.23.212` |
-| Auth Key | `f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0` |
+| Auth Key | `<HEADSCALE_AUTHKEY>` |

 ### NATS (Bus de messages)

--- a/install/disk.sh
+++ b/install/disk.sh
@@ -38,7 +38,7 @@ echo -e "${NC}"
 # Configuration
 HEADSCALE_URL="https://headscale.du-senegal.com"
 HEADSCALE_FALLBACK="http://141.94.23.212"
-HEADSCALE_AUTHKEY="f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+HEADSCALE_AUTHKEY="<HEADSCALE_AUTHKEY>"
 GIT_REPO="https://git.du-senegal.com/kawa_bot/kawa-context.git"
 NAMESPACE="kawa"

@@ -242,7 +242,7 @@ EOF
    enable = true;
    extraUpFlags = [
      "--login-server=https://headscale.du-senegal.com"
-      "--authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+      "--authkey=<HEADSCALE_AUTHKEY>"
    ];
  };
  
--- a/install/live.sh
+++ b/install/live.sh
@@ -38,7 +38,7 @@ echo -e "${NC}"
 # Configuration
 HEADSCALE_URL="https://headscale.du-senegal.com"
 HEADSCALE_FALLBACK="http://141.94.23.212"
-HEADSCALE_AUTHKEY="f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+HEADSCALE_AUTHKEY="<HEADSCALE_AUTHKEY>"
 GIT_REPO="https://git.du-senegal.com/kawa_bot/kawa-context.git"
 NAMESPACE="kawa"

@@ -242,7 +242,7 @@ EOF
    enable = true;
    extraUpFlags = [
      "--login-server=https://headscale.du-senegal.com"
-      "--authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+      "--authkey=<HEADSCALE_AUTHKEY>"
    ];
  };
  
--- a/modules/kawa-gpu.nix
+++ b/modules/kawa-gpu.nix
@@ -12,7 +12,7 @@
    enable = true;
    extraUpFlags = [
      "--login-server=https://headscale.du-senegal.com"
-      "--authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+      "--authkey=<HEADSCALE_AUTHKEY>"
      "--force-reauth"
    ];
  };
--- a/modules/kawa-physical.nix
+++ b/modules/kawa-physical.nix
@@ -22,7 +22,7 @@
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
-      ExecStart = "${pkgs.tailscale}/bin/tailscale up --login-server=https://headscale.du-senegal.com --authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0 --force-reauth";
+      ExecStart = "${pkgs.tailscale}/bin/tailscale up --login-server=https://headscale.du-senegal.com --authkey=<HEADSCALE_AUTHKEY> --force-reauth";
    };
  };

--- a/nixos/kawa.nix
+++ b/nixos/kawa.nix
@@ -26,7 +26,7 @@ in
    
    authKey = mkOption {
      type = types.str;
-      default = "f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0";
+      default = "<HEADSCALE_AUTHKEY>";
      description = "Clé d'authentification";
    };
  };
--- a/2
+++ b/2
@@ -6,7 +6,7 @@ set -e

 HEADSCALE_URL="https://headscale.du-senegal.com"
 HEADSCALE_FALLBACK="http://141.94.23.212"
-HEADSCALE_AUTHKEY="f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+HEADSCALE_AUTHKEY="<HEADSCALE_AUTHKEY>"

 # Paramètres NATS
 NATS_SERVER="100.64.0.1:4222"