Working from home. Mostly cleaning up the code I wrote last week. Still trying to figure out if I'm sure about my whole store-credentials-in-a-git-repo plan. I'd /like/, just out of paranoia, to make it hard for people to get copies of the keys and such, but that's just not /possible/, since they have to get copies locally to do the work in the first place. Once they've got temporary copies, they've got permanent copies. So, there's no value in putting effort towards preventing it. So I just need to make accessing them in the first place as secure as possible, and make it easy for the sysadmins to replace the central copies with new ones whenever we have to roll them over.