Ask HN: Would you store basic server information in your GitHub repository?

1 pointsyllus12y ago2 comments

A few weeks ago, I mentioned offhandedly to our Operations team that for each website our developers work on, we create a README.md file geared towards allowing anyone to jump in and have a chance in hell of debugging a critical issue.

What that means in concrete terms is that the README.md file lists:

A) The hostnames of each Nginx server used for that site

B) The hostname(s) of the MySQL servers used

C) The memcached server hostname and port

D) The document root folder the website runs at

E) The path to the error and access logs for that site

Yesterday I received an e-mail from the head of Operations requested that I take that information out of GitHub and place it on our internal corporate wiki. The rationale was that "this information resides on a third-party system that details out information that could be easily used to penetrate our systems."

I replied back that I'd remove information about the database (passwords were never listed) completely, but as we dole out work to outside vendors, and our corporate wiki cannot be accessed externally without VPN, I wasn't willing to remove basic hostname or path information and add a step or two to basic understanding of the system without good reason. As we trust 100% of our intellectual property (code) to GitHub, getting a list of hostnames by accessing our repositories is to me the least of our concerns.

I am wrong to not comply with the request?

2 comments

2 comments · 1 top-level

diminish12y ago· 1 in thread

Is the repository public? In this case there may be security risks, and a cracker may end up guessing clues about your internal network and infrastructure architecture.

yllusOP12y ago

It's private. Sorry, that's sort of pertinent information.

j / k navigate · click thread line to collapse