Welp, my vision's starting to get blurry - time to pull my head out of my terminal... @.@ Anyway, this is where I am at for now.
https://github.com/bitnami-labs/sealed-secrets/discussions/1521
And this... this is a mess. x-x
Discussion
It’s been quite a while since I last used kubeseal, otherwise I’d feel comfortable commenting on more. But for 1. The private key only exists in the cluster so you’d be effed if you lose it. And 4. Yeah, whilst it feels uncomfortable doing it initially, that’s the use case for it. Hope it makes you a little more comfortable
Aye, every little bit helps! ^^
Was going to set up an automated exporter job with Rclone and ProtonDrive to just back stuff up there. It's the only cloud provider I would genuely trust with that key aside from my own disks. But this is a key I most definitively want in more than one location...
Thanks for your cents on this tho! =)
Yeah that defo is a solid plan :) another online backup provider I can suggest looking into is tarsnap. Allan Jude spoke highly of it for yonks when I used to listen to BSDNow. Not used it but if you’ve not got tonnes of data but really needs to be private, seems like a good option
nostr:npub1tcekjparmkju6k83r5tzmzjvjwy0nnajlrwyk35us9g7x7wx80ys9hjmky might have been Michael Lucas actually, I had a good 5-6 years exclusively using FreeBSD so I have melded them together in my mind 😂 Lucas’s books were amazing resources for ZFS and FreeBSD though for sure