Squid proxy might be something of interest to you.
DIYSRE
joined 11 months ago
It seems like an alternative to HashiCorp Vault, so integration into deployment pipelines would be a huge bonus.
OP doesn't specify what they would use the secrets manager for, but Infisical seems to be a good cross between something like Bitwarden and something like Vault.
So what we're looking at is probably two or three systems here. I can't help you on what systems integrate.
Documentation
This is for general documentation. SOPs, etc.
I generally advise documentation be stored in Markdown. This is after decades of having to migrate systems or being locked into a documentation system because a migration path was too timely.
Markdown is ultra portable and easy to store/backup. You can get change management interfaces for it, or store it in Git if you have to.
Even something like mdwiki would do the trick in a pinch. The value you see out of this lies in how well you keep it organized and how well you use it.
Client Secrets
This will be served by a secrets manager like https://github.com/Infisical/infisical
I've never used it but I've seen it recommended and it seems like a good project.
I've used things like KeePass, Bitwarden andOnePass. My preference would probably be none of them, but I do like Bitwarden for a personal vault.
Asset Management
This should be handled by an asset management system. This is for things like licenses, hardware, etc.
Snipe-IT was actually my pick for this. Just for assets though, nothing else.
I understand that this isn't going to answer your question, but maybe ask why you want a web ui over a local app.
I've gone through this too and when I thought about it, I realized:
- My phone has K9
- My tablet has K9
- My computer has Thunderbird
No other devices access my email or calendar, and a web mail client isn't really where I want to go. I originally wanted a web client so that I could access my email from my work computer when I was in the office, however it was too much of a security risk just to avoid picking up my phone.
I'll get Nextcloud going for this just to test, but I know that I likely won't use it much.
S3 is just storage. It's not a hard drive or a computer, it's just object storage.
If you're storing your .exe in S3 then there's some options to use Lambda to run the exe. You could also run a EC2 instance or access the S3 bucket with IAM credentials from a locally hosted server. It all depends on what you're doing.