Merge branch 'joeyconfig'

2 files changed, 19 insertions, 6 deletions

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 5576bf06..075d68ec 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -27,10 +27,11 @@ Since the propoellor git repository is public, you can't store
 in cleartext private data such as passwords, ssh private keys, etc.
 
 Instead, `propellor --spin $host` looks for a
-`~/.propellor/privdata/$host.gpg` file and if found decrypts it and sends
-it to the remote host using ssh. This lets a remote host know its own
-private data, without seeing all the rest.
+`~/.propellor/privdata/privdata.gpg` file and if found decrypts it,
+extracts the private that that the $host needs, and sends it to to the
+$host using ssh. This lets a host know its own private data, without
+seeing all the rest.
 
-To securely store private data, use: `propellor --set $host $field`
-The field name will be something like 'Password "root"'; see PrivData.hs
-for available fields.
+To securely store private data, use: `propellor --set $field $context`
+Propellor will tell you the details when you use a Property that needs
+PrivData.
diff --git a/doc/todo/better_privdata.mdwn b/doc/todo/better_privdata.mdwn
new file mode 100644
index 00000000..1ee9e14f
--- /dev/null
+++ b/doc/todo/better_privdata.mdwn
@@ -0,0 +1,12 @@
+It can be annoying to need to move privdata values around when moving
+services between hosts, which is otherwise often just a cut-n-paste
+of a line in config.hs.
+
+It would be better if privdata were all stored in one Map, and the set of
+privdata that a host's current properties need were sent to it
+automatically, rather than the current 1-file-per-host separation.
+
+For this to work though, each property that uses privdata would need to add
+to the host's Info the privdata field it uses.
+
+> [[done]]! --[[Joey]]