add docker swarm guide

Update folder not found error msg

.github/workflows/build-patroni-docker-img.yml

@@ -0,0 +1,38 @@
+name: Build patroni 
+on: [workflow_dispatch]
+
+jobs:
+  patroni-image:
+    name: Build patroni
+    runs-on: ubuntu-latest
+    steps:
+      - name: ☁️ Checkout source
+        uses: actions/checkout@v3
+        with:
+          repository: 'zalando/patroni'
+      - name: Save commit hashes for tag
+        id: commit
+        uses: pr-mpt/actions-commit-hash@v2
+      - name: 🔧 Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: 🐋 Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Set up Depot CLI
+        uses: depot/setup-action@v1
+      - name: 🏗️ Build backend and push to docker hub
+        uses: depot/build-push-action@v1
+        with:
+          project: 64mmf0n610
+          token: ${{ secrets.DEPOT_PROJECT_TOKEN }}
+          push: true
+          context: .
+          file: Dockerfile
+          tags: |
+            infisical/patroni:${{ steps.commit.outputs.short }}
+            infisical/patroni:latest
+          platforms: linux/amd64,linux/arm64
+    
+  

backend/e2e-test/routes/v3/secrets.spec.ts

@@ -942,6 +942,113 @@ describe.each([{ auth: AuthMode.JWT }, { auth: AuthMode.IDENTITY_ACCESS_TOKEN }]
       const secrets = await getSecrets(seedData1.environment.slug, path);
       expect(secrets).toEqual([]);
     });
+
+    test.each(testRawSecrets)("Bulk create secret raw in path $path", async ({ path, secret }) => {
+      const createSecretReqBody = {
+        projectSlug: seedData1.project.slug,
+        environment: seedData1.environment.slug,
+        secretPath: path,
+        secrets: [
+          {
+            secretKey: secret.key,
+            secretValue: secret.value,
+            secretComment: secret.comment
+          }
+        ]
+      };
+      const createSecRes = await testServer.inject({
+        method: "POST",
+        url: `/api/v3/secrets/batch/raw`,
+        headers: {
+          authorization: `Bearer ${authToken}`
+        },
+        body: createSecretReqBody
+      });
+      expect(createSecRes.statusCode).toBe(200);
+      const createdSecretPayload = JSON.parse(createSecRes.payload);
+      expect(createdSecretPayload).toHaveProperty("secrets");
+
+      // fetch secrets
+      const secrets = await getSecrets(seedData1.environment.slug, path);
+      expect(secrets).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            key: secret.key,
+            value: secret.value,
+            type: SecretType.Shared
+          })
+        ])
+      );
+
+      await deleteRawSecret({ path, key: secret.key });
+    });
+
+    test.each(testRawSecrets)("Bulk update secret raw in path $path", async ({ secret, path }) => {
+      await createRawSecret({ path, ...secret });
+      const updateSecretReqBody = {
+        projectSlug: seedData1.project.slug,
+        environment: seedData1.environment.slug,
+        secretPath: path,
+        secrets: [
+          {
+            secretValue: "new-value",
+            secretKey: secret.key
+          }
+        ]
+      };
+      const updateSecRes = await testServer.inject({
+        method: "PATCH",
+        url: `/api/v3/secrets/batch/raw`,
+        headers: {
+          authorization: `Bearer ${authToken}`
+        },
+        body: updateSecretReqBody
+      });
+      expect(updateSecRes.statusCode).toBe(200);
+      const updatedSecretPayload = JSON.parse(updateSecRes.payload);
+      expect(updatedSecretPayload).toHaveProperty("secrets");
+
+      // fetch secrets
+      const secrets = await getSecrets(seedData1.environment.slug, path);
+      expect(secrets).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            key: secret.key,
+            value: "new-value",
+            version: 2,
+            type: SecretType.Shared
+          })
+        ])
+      );
+
+      await deleteRawSecret({ path, key: secret.key });
+    });
+
+    test.each(testRawSecrets)("Bulk delete secret raw in path $path", async ({ path, secret }) => {
+      await createRawSecret({ path, ...secret });
+
+      const deletedSecretReqBody = {
+        projectSlug: seedData1.project.slug,
+        environment: seedData1.environment.slug,
+        secretPath: path,
+        secrets: [{ secretKey: secret.key }]
+      };
+      const deletedSecRes = await testServer.inject({
+        method: "DELETE",
+        url: `/api/v3/secrets/batch/raw`,
+        headers: {
+          authorization: `Bearer ${authToken}`
+        },
+        body: deletedSecretReqBody
+      });
+      expect(deletedSecRes.statusCode).toBe(200);
+      const deletedSecretPayload = JSON.parse(deletedSecRes.payload);
+      expect(deletedSecretPayload).toHaveProperty("secrets");
+
+      // fetch secrets
+      const secrets = await getSecrets(seedData1.environment.slug, path);
+      expect(secrets).toEqual([]);
+    });
   }
 );
 

backend/src/db/migrations/20240405000045_org-memberships-unique-constraint.ts

@@ -42,6 +42,7 @@ export async function up(knex: Knex): Promise<void> {
   await knex.transaction(async (tx) => {
     const duplicateRows = await tx(TableName.OrgMembership)
       .select("userId", "orgId") // Select the userId and orgId so we can group by them
+      .whereNotNull("userId") // Ensure that the userId is not null
       .count("* as cnt") // Count the number of rows for each userId and orgId, so we can make sure there are more than 1 row (a duplicate)
       .groupBy("userId", "orgId")
       .havingRaw("count(*) > ?", [1]); // Using havingRaw for direct SQL expressions

backend/src/ee/services/secret-approval-request/secret-approval-request-service.ts

@@ -495,7 +495,11 @@ export const secretApprovalRequestServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, secretPath);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "GenSecretApproval" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "GenSecretApproval"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });

backend/src/lib/api-docs/constants.ts

@@ -282,6 +282,7 @@ export const RAW_SECRETS = {
   },
   CREATE: {
     secretName: "The name of the secret to create.",
+    projectSlug: "The slug of the project to create the secret in.",
     environment: "The slug of the environment to create the secret in.",
     secretComment: "Attach a comment to the secret.",
     secretPath: "The path to create the secret in.",
@@ -301,11 +302,13 @@ export const RAW_SECRETS = {
   },
   UPDATE: {
     secretName: "The name of the secret to update.",
+    secretComment: "Update comment to the secret.",
     environment: "The slug of the environment where the secret is located.",
     secretPath: "The path of the secret to update",
     secretValue: "The new value of the secret.",
     skipMultilineEncoding: "Skip multiline encoding for the secret value.",
     type: "The type of the secret to update.",
+    projectSlug: "The slug of the project to update the secret in.",
     workspaceId: "The ID of the project to update the secret in."
   },
   DELETE: {
@@ -313,6 +316,7 @@ export const RAW_SECRETS = {
     environment: "The slug of the environment where the secret is located.",
     secretPath: "The path of the secret.",
     type: "The type of the secret to delete.",
+    projectSlug: "The slug of the project to delete the secret in.",
     workspaceId: "The ID of the project where the secret is located."
   }
 } as const;

backend/src/server/routes/v3/secret-router.ts

@@ -1656,4 +1656,263 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
       return { secrets };
     }
   });
+
+  server.route({
+    method: "POST",
+    url: "/batch/raw",
+    config: {
+      rateLimit: secretsLimit
+    },
+    schema: {
+      description: "Create many secrets",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
+      body: z.object({
+        projectSlug: z.string().trim().describe(RAW_SECRETS.CREATE.projectSlug),
+        environment: z.string().trim().describe(RAW_SECRETS.CREATE.environment),
+        secretPath: z
+          .string()
+          .trim()
+          .default("/")
+          .transform(removeTrailingSlash)
+          .describe(RAW_SECRETS.CREATE.secretPath),
+        secrets: z
+          .object({
+            secretKey: z.string().trim().describe(RAW_SECRETS.CREATE.secretName),
+            secretValue: z
+              .string()
+              .transform((val) => (val.at(-1) === "\n" ? `${val.trim()}\n` : val.trim()))
+              .describe(RAW_SECRETS.CREATE.secretValue),
+            secretComment: z.string().trim().optional().default("").describe(RAW_SECRETS.CREATE.secretComment),
+            skipMultilineEncoding: z.boolean().optional().describe(RAW_SECRETS.CREATE.skipMultilineEncoding)
+          })
+          .array()
+          .min(1)
+      }),
+      response: {
+        200: z.object({
+          secrets: secretRawSchema.array()
+        })
+      }
+    },
+    onRequest: verifyAuth([AuthMode.JWT, AuthMode.API_KEY, AuthMode.SERVICE_TOKEN, AuthMode.IDENTITY_ACCESS_TOKEN]),
+    handler: async (req) => {
+      const { environment, projectSlug, secretPath, secrets: inputSecrets } = req.body;
+
+      const secrets = await server.services.secret.createManySecretsRaw({
+        actorId: req.permission.id,
+        actor: req.permission.type,
+        actorAuthMethod: req.permission.authMethod,
+        actorOrgId: req.permission.orgId,
+        secretPath,
+        environment,
+        projectSlug,
+        secrets: inputSecrets
+      });
+
+      await server.services.auditLog.createAuditLog({
+        projectId: secrets[0].workspace,
+        ...req.auditLogInfo,
+        event: {
+          type: EventType.CREATE_SECRETS,
+          metadata: {
+            environment: req.body.environment,
+            secretPath: req.body.secretPath,
+            secrets: secrets.map((secret, i) => ({
+              secretId: secret.id,
+              secretKey: inputSecrets[i].secretKey,
+              secretVersion: secret.version
+            }))
+          }
+        }
+      });
+
+      await server.services.telemetry.sendPostHogEvents({
+        event: PostHogEventTypes.SecretCreated,
+        distinctId: getTelemetryDistinctId(req),
+        properties: {
+          numberOfSecrets: secrets.length,
+          workspaceId: secrets[0].workspace,
+          environment: req.body.environment,
+          secretPath: req.body.secretPath,
+          channel: getUserAgentType(req.headers["user-agent"]),
+          ...req.auditLogInfo
+        }
+      });
+      return { secrets };
+    }
+  });
+
+  server.route({
+    method: "PATCH",
+    url: "/batch/raw",
+    config: {
+      rateLimit: secretsLimit
+    },
+    schema: {
+      description: "Update many secrets",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
+      body: z.object({
+        projectSlug: z.string().trim().describe(RAW_SECRETS.UPDATE.projectSlug),
+        environment: z.string().trim().describe(RAW_SECRETS.UPDATE.environment),
+        secretPath: z
+          .string()
+          .trim()
+          .default("/")
+          .transform(removeTrailingSlash)
+          .describe(RAW_SECRETS.UPDATE.secretPath),
+        secrets: z
+          .object({
+            secretKey: z.string().trim().describe(RAW_SECRETS.UPDATE.secretName),
+            secretValue: z
+              .string()
+              .transform((val) => (val.at(-1) === "\n" ? `${val.trim()}\n` : val.trim()))
+              .describe(RAW_SECRETS.UPDATE.secretValue),
+            secretComment: z.string().trim().optional().describe(RAW_SECRETS.UPDATE.secretComment),
+            skipMultilineEncoding: z.boolean().optional().describe(RAW_SECRETS.UPDATE.skipMultilineEncoding)
+          })
+          .array()
+          .min(1)
+      }),
+      response: {
+        200: z.object({
+          secrets: secretRawSchema.array()
+        })
+      }
+    },
+    onRequest: verifyAuth([AuthMode.JWT, AuthMode.API_KEY, AuthMode.SERVICE_TOKEN, AuthMode.IDENTITY_ACCESS_TOKEN]),
+    handler: async (req) => {
+      const { environment, projectSlug, secretPath, secrets: inputSecrets } = req.body;
+      const secrets = await server.services.secret.updateManySecretsRaw({
+        actorId: req.permission.id,
+        actor: req.permission.type,
+        actorAuthMethod: req.permission.authMethod,
+        actorOrgId: req.permission.orgId,
+        secretPath,
+        environment,
+        projectSlug,
+        secrets: inputSecrets
+      });
+
+      await server.services.auditLog.createAuditLog({
+        projectId: secrets[0].workspace,
+        ...req.auditLogInfo,
+        event: {
+          type: EventType.UPDATE_SECRETS,
+          metadata: {
+            environment: req.body.environment,
+            secretPath: req.body.secretPath,
+            secrets: secrets.map((secret, i) => ({
+              secretId: secret.id,
+              secretKey: inputSecrets[i].secretKey,
+              secretVersion: secret.version
+            }))
+          }
+        }
+      });
+
+      await server.services.telemetry.sendPostHogEvents({
+        event: PostHogEventTypes.SecretUpdated,
+        distinctId: getTelemetryDistinctId(req),
+        properties: {
+          numberOfSecrets: secrets.length,
+          workspaceId: secrets[0].workspace,
+          environment: req.body.environment,
+          secretPath: req.body.secretPath,
+          channel: getUserAgentType(req.headers["user-agent"]),
+          ...req.auditLogInfo
+        }
+      });
+      return { secrets };
+    }
+  });
+
+  server.route({
+    method: "DELETE",
+    url: "/batch/raw",
+    config: {
+      rateLimit: secretsLimit
+    },
+    schema: {
+      description: "Delete many secrets",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
+      body: z.object({
+        projectSlug: z.string().trim().describe(RAW_SECRETS.DELETE.projectSlug),
+        environment: z.string().trim().describe(RAW_SECRETS.DELETE.environment),
+        secretPath: z
+          .string()
+          .trim()
+          .default("/")
+          .transform(removeTrailingSlash)
+          .describe(RAW_SECRETS.DELETE.secretPath),
+        secrets: z
+          .object({
+            secretKey: z.string().trim().describe(RAW_SECRETS.DELETE.secretName)
+          })
+          .array()
+          .min(1)
+      }),
+      response: {
+        200: z.object({
+          secrets: secretRawSchema.array()
+        })
+      }
+    },
+    onRequest: verifyAuth([AuthMode.JWT, AuthMode.API_KEY, AuthMode.SERVICE_TOKEN, AuthMode.IDENTITY_ACCESS_TOKEN]),
+    handler: async (req) => {
+      const { environment, projectSlug, secretPath, secrets: inputSecrets } = req.body;
+      const secrets = await server.services.secret.deleteManySecretsRaw({
+        actorId: req.permission.id,
+        actor: req.permission.type,
+        actorAuthMethod: req.permission.authMethod,
+        actorOrgId: req.permission.orgId,
+        environment,
+        projectSlug,
+        secretPath,
+        secrets: inputSecrets
+      });
+
+      await server.services.auditLog.createAuditLog({
+        projectId: secrets[0].workspace,
+        ...req.auditLogInfo,
+        event: {
+          type: EventType.DELETE_SECRETS,
+          metadata: {
+            environment: req.body.environment,
+            secretPath: req.body.secretPath,
+            secrets: secrets.map((secret, i) => ({
+              secretId: secret.id,
+              secretKey: inputSecrets[i].secretKey,
+              secretVersion: secret.version
+            }))
+          }
+        }
+      });
+
+      await server.services.telemetry.sendPostHogEvents({
+        event: PostHogEventTypes.SecretDeleted,
+        distinctId: getTelemetryDistinctId(req),
+        properties: {
+          numberOfSecrets: secrets.length,
+          workspaceId: secrets[0].workspace,
+          environment: req.body.environment,
+          secretPath: req.body.secretPath,
+          channel: getUserAgentType(req.headers["user-agent"]),
+          ...req.auditLogInfo
+        }
+      });
+      return { secrets };
+    }
+  });
 };

backend/src/services/secret/secret-fns.ts

@@ -575,7 +575,11 @@ export const createManySecretsRawFnFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, secretPath);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -680,7 +684,11 @@ export const updateManySecretsRawFnFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, secretPath);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Update secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Update secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });

backend/src/services/secret/secret-service.ts

@@ -33,9 +33,11 @@ import { TSecretQueueFactory } from "./secret-queue";
 import {
   TAttachSecretTagsDTO,
   TCreateBulkSecretDTO,
+  TCreateManySecretRawDTO,
   TCreateSecretDTO,
   TCreateSecretRawDTO,
   TDeleteBulkSecretDTO,
+  TDeleteManySecretRawDTO,
   TDeleteSecretDTO,
   TDeleteSecretRawDTO,
   TFnSecretBlindIndexCheckV2,
@@ -46,6 +48,7 @@ import {
   TGetSecretsRawDTO,
   TGetSecretVersionsDTO,
   TUpdateBulkSecretDTO,
+  TUpdateManySecretRawDTO,
   TUpdateSecretDTO,
   TUpdateSecretRawDTO
 } from "./secret-types";
@@ -179,7 +182,11 @@ export const secretServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -275,7 +282,11 @@ export const secretServiceFactory = ({
     }
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -391,7 +402,11 @@ export const secretServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -559,7 +574,11 @@ export const secretServiceFactory = ({
       subject(ProjectPermissionSub.Secrets, { environment, secretPath: path })
     );
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const secretBlindIndex = await interalGenSecBlindIndexByName(projectId, secretName);
@@ -655,7 +674,11 @@ export const secretServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -724,7 +747,11 @@ export const secretServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Update secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Update secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -810,7 +837,11 @@ export const secretServiceFactory = ({
     await projectDAL.checkProjectUpgradeStatus(projectId);
 
     const folder = await folderDAL.findBySecretPath(projectId, environment, path);
-    if (!folder) throw new BadRequestError({ message: "Folder not  found", name: "Create secret" });
+    if (!folder)
+      throw new BadRequestError({
+        message: "Folder not found for the given environment slug & secret path",
+        name: "Create secret"
+      });
     const folderId = folder.id;
 
     const blindIndexCfg = await secretBlindIndexDAL.findOne({ projectId });
@@ -1036,6 +1067,143 @@ export const secretServiceFactory = ({
     return decryptSecretRaw(secret, botKey);
   };
 
+  const createManySecretsRaw = async ({
+    actorId,
+    projectSlug,
+    environment,
+    actor,
+    actorOrgId,
+    actorAuthMethod,
+    secretPath,
+    secrets: inputSecrets = []
+  }: TCreateManySecretRawDTO) => {
+    const project = await projectDAL.findProjectBySlug(projectSlug, actorOrgId);
+    if (!project) throw new BadRequestError({ message: "Project not found" });
+    const projectId = project.id;
+
+    const botKey = await projectBotService.getBotKey(projectId);
+    if (!botKey) throw new BadRequestError({ message: "Project bot not found", name: "bot_not_found_error" });
+
+    const secrets = await createManySecret({
+      projectId,
+      environment,
+      path: secretPath,
+      actor,
+      actorId,
+      actorOrgId,
+      actorAuthMethod,
+      secrets: inputSecrets.map(({ secretComment, secretKey, secretValue, skipMultilineEncoding }) => {
+        const secretKeyEncrypted = encryptSymmetric128BitHexKeyUTF8(secretKey, botKey);
+        const secretValueEncrypted = encryptSymmetric128BitHexKeyUTF8(secretValue || "", botKey);
+        const secretCommentEncrypted = encryptSymmetric128BitHexKeyUTF8(secretComment || "", botKey);
+        return {
+          secretName: secretKey,
+          skipMultilineEncoding,
+          secretKeyCiphertext: secretKeyEncrypted.ciphertext,
+          secretKeyIV: secretKeyEncrypted.iv,
+          secretKeyTag: secretKeyEncrypted.tag,
+          secretValueCiphertext: secretValueEncrypted.ciphertext,
+          secretValueIV: secretValueEncrypted.iv,
+          secretValueTag: secretValueEncrypted.tag,
+          secretCommentCiphertext: secretCommentEncrypted.ciphertext,
+          secretCommentIV: secretCommentEncrypted.iv,
+          secretCommentTag: secretCommentEncrypted.tag
+        };
+      })
+    });
+
+    await snapshotService.performSnapshot(secrets[0].folderId);
+    await secretQueueService.syncSecrets({ secretPath, projectId, environment });
+
+    return secrets.map((secret) => decryptSecretRaw({ ...secret, workspace: projectId, environment }, botKey));
+  };
+
+  const updateManySecretsRaw = async ({
+    actorId,
+    projectSlug,
+    environment,
+    actor,
+    actorOrgId,
+    actorAuthMethod,
+    secretPath,
+    secrets: inputSecrets = []
+  }: TUpdateManySecretRawDTO) => {
+    const project = await projectDAL.findProjectBySlug(projectSlug, actorOrgId);
+    if (!project) throw new BadRequestError({ message: "Project not found" });
+    const projectId = project.id;
+
+    const botKey = await projectBotService.getBotKey(projectId);
+    if (!botKey) throw new BadRequestError({ message: "Project bot not found", name: "bot_not_found_error" });
+
+    const secrets = await updateManySecret({
+      projectId,
+      environment,
+      path: secretPath,
+      actor,
+      actorId,
+      actorOrgId,
+      actorAuthMethod,
+      secrets: inputSecrets.map(({ secretComment, secretKey, secretValue, skipMultilineEncoding }) => {
+        const secretKeyEncrypted = encryptSymmetric128BitHexKeyUTF8(secretKey, botKey);
+        const secretValueEncrypted = encryptSymmetric128BitHexKeyUTF8(secretValue || "", botKey);
+        const secretCommentEncrypted = encryptSymmetric128BitHexKeyUTF8(secretComment || "", botKey);
+        return {
+          secretName: secretKey,
+          type: SecretType.Shared,
+          skipMultilineEncoding,
+          secretKeyCiphertext: secretKeyEncrypted.ciphertext,
+          secretKeyIV: secretKeyEncrypted.iv,
+          secretKeyTag: secretKeyEncrypted.tag,
+          secretValueCiphertext: secretValueEncrypted.ciphertext,
+          secretValueIV: secretValueEncrypted.iv,
+          secretValueTag: secretValueEncrypted.tag,
+          secretCommentCiphertext: secretCommentEncrypted.ciphertext,
+          secretCommentIV: secretCommentEncrypted.iv,
+          secretCommentTag: secretCommentEncrypted.tag
+        };
+      })
+    });
+
+    await snapshotService.performSnapshot(secrets[0].folderId);
+    await secretQueueService.syncSecrets({ secretPath, projectId, environment });
+
+    return secrets.map((secret) => decryptSecretRaw({ ...secret, workspace: projectId, environment }, botKey));
+  };
+
+  const deleteManySecretsRaw = async ({
+    actorId,
+    projectSlug,
+    environment,
+    actor,
+    actorOrgId,
+    actorAuthMethod,
+    secretPath,
+    secrets: inputSecrets = []
+  }: TDeleteManySecretRawDTO) => {
+    const project = await projectDAL.findProjectBySlug(projectSlug, actorOrgId);
+    if (!project) throw new BadRequestError({ message: "Project not found" });
+    const projectId = project.id;
+
+    const botKey = await projectBotService.getBotKey(projectId);
+    if (!botKey) throw new BadRequestError({ message: "Project bot not found", name: "bot_not_found_error" });
+
+    const secrets = await deleteManySecret({
+      projectId,
+      environment,
+      path: secretPath,
+      actor,
+      actorId,
+      actorOrgId,
+      actorAuthMethod,
+      secrets: inputSecrets.map(({ secretKey }) => ({ secretName: secretKey, type: SecretType.Shared }))
+    });
+
+    await snapshotService.performSnapshot(secrets[0].folderId);
+    await secretQueueService.syncSecrets({ secretPath, projectId, environment });
+
+    return secrets.map((secret) => decryptSecretRaw({ ...secret, workspace: projectId, environment }, botKey));
+  };
+
   const getSecretVersions = async ({
     actorId,
     actor,
@@ -1280,6 +1448,9 @@ export const secretServiceFactory = ({
     createSecretRaw,
     updateSecretRaw,
     deleteSecretRaw,
+    createManySecretsRaw,
+    updateManySecretsRaw,
+    deleteManySecretsRaw,
     getSecretVersions,
     // external services function
     fnSecretBulkDelete,

backend/src/services/secret/secret-types.ts

@@ -181,6 +181,39 @@ export type TDeleteSecretRawDTO = TProjectPermission & {
   type: SecretType;
 };
 
+export type TCreateManySecretRawDTO = Omit<TProjectPermission, "projectId"> & {
+  secretPath: string;
+  projectSlug: string;
+  environment: string;
+  secrets: {
+    secretKey: string;
+    secretValue: string;
+    secretComment?: string;
+    skipMultilineEncoding?: boolean;
+  }[];
+};
+
+export type TUpdateManySecretRawDTO = Omit<TProjectPermission, "projectId"> & {
+  secretPath: string;
+  projectSlug: string;
+  environment: string;
+  secrets: {
+    secretKey: string;
+    secretValue: string;
+    secretComment?: string;
+    skipMultilineEncoding?: boolean;
+  }[];
+};
+
+export type TDeleteManySecretRawDTO = Omit<TProjectPermission, "projectId"> & {
+  secretPath: string;
+  projectSlug: string;
+  environment: string;
+  secrets: {
+    secretKey: string;
+  }[];
+};
+
 export type TGetSecretVersionsDTO = Omit<TProjectPermission, "projectId"> & {
   limit?: number;
   offset?: number;

docs/api-reference/endpoints/secrets/create-many.mdx

@@ -0,0 +1,8 @@
+---
+title: "Bulk Create"
+openapi: "POST /api/v3/secrets/batch/raw"
+---
+
+<Tip>
+  This endpoint requires you to disable end-to-end encryption. For more information, you should consult this [note](https://infisical.com/docs/api-reference/overview/examples/note).
+</Tip>

docs/api-reference/endpoints/secrets/delete-many.mdx

@@ -0,0 +1,8 @@
+---
+title: "Bulk Delete"
+openapi: "DELETE /api/v3/secrets/batch/raw"
+---
+
+<Tip>
+  This endpoint requires you to disable end-to-end encryption. For more information, you should consult this [note](https://infisical.com/docs/api-reference/overview/examples/note).
+</Tip>

docs/api-reference/endpoints/secrets/update-many.mdx

@@ -0,0 +1,8 @@
+---
+title: "Bulk Update"
+openapi: "PATCH /api/v3/secrets/batch/raw"
+---
+
+<Tip>
+  This endpoint requires you to disable end-to-end encryption. For more information, you should consult this [note](https://infisical.com/docs/api-reference/overview/examples/note).
+</Tip>

docs/integrations/cloud/aws-amplify.mdx

@@ -33,7 +33,7 @@ This approach enables you to fetch secrets from Infisical during Amplify build t
         preBuild:
           commands:
 		- sudo curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.rpm.sh' | sudo -E bash
-		- sudo yum install infisical
+		- sudo yum -y install infisical
     ```
   </Step>
   <Step title="Modify the build command">

docs/mint.json

@@ -201,6 +201,7 @@
           "group": "Installation methods",
           "pages": [
             "self-hosting/deployment-options/standalone-infisical",
+            "self-hosting/deployment-options//docker-swarm",
             "self-hosting/deployment-options/docker-compose",
             "self-hosting/deployment-options/kubernetes-helm"
           ]
@@ -216,8 +217,7 @@
         {
           "group": "Reference architectures",
           "pages": [
-            "self-hosting/reference-architectures/aws-ecs",
-            "self-hosting/reference-architectures/on-premise"
+            "self-hosting/reference-architectures/aws-ecs"
           ]
         },
         "self-hosting/ee",

docs/self-hosting/deployment-options/docker-compose.mdx

@@ -12,7 +12,7 @@ to run a functional instance of Infisical.
 <Warning>
 This Docker Compose configuration is not designed for high-availability production scenarios. 
 It includes just the essential components needed to set up an Infisical proof of concept (POC). 
-Additional configuration is required to enhance data redundancy and ensure higher availability for production environments.
+To run Infisical in a highly available manner, give the [Docker Swarm guide](/self-hosting/deployment-options/docker-swarm).
 </Warning>
 
 ## Verify prerequisites

docs/self-hosting/deployment-options/docker-swarm.mdx

@@ -0,0 +1,571 @@
+---
+title: "Docker Swarm"
+description: "How to self Infisical with Docker Swarm (HA)."
+---
+
+# Self-Hosting Infisical with Docker Swarm
+
+This guide will provide step-by-step instructions on how to self-host Infisical using Docker Swarm. This is particularly helpful for those wanting to self host Infisical on premise while still maintaining high availability (HA) for the core Infisical components. 
+The guide will demonstrate a setup with three nodes, ensuring that the cluster can tolerate the failure of one node while remaining fully operational.
+
+## Docker Swarm
+
+[Docker Swarm](https://docs.docker.com/engine/swarm/) is a native clustering and orchestration solution for Docker containers. 
+It simplifies the deployment and management of containerized applications across multiple nodes, making it a great choice for self-hosting Infisical.
+
+Unlike Kubernetes, which requires a deep understanding of the Kubernetes ecosystem, if you're accustomed to Docker and Docker Compose, you're already familiar with most of Docker Swarm. 
+For this reason, we suggest teams use Docker Swarm to deploy Infisical in a highly available and fault tolerant manner.
+
+## Prerequisites
+- Understanding of Docker Swarm
+- Bare/Virtual Machines with Docker installed on each VM.
+- Docker Swarm initialized on the VMs.
+
+## Core Components for High Availability
+
+The provided Docker stack includes the following core components to achieve high availability:
+
+1. **Spilo**: [Spilo](https://github.com/zalando/spilo) is used to run PostgreSQL with [Patroni](https://github.com/zalando/patroni) for HA and automatic failover. It utilizes etcd for leader election of the PostgreSQL instances.
+
+2. **Redis**: Redis is used for caching and is set up with Redis Sentinel for HA. 
+The stack includes three Redis replicas and three Redis Sentinel instances for monitoring and failover.
+
+3. **Infisical**: Infisical is stateless, allowing for easy scaling and replication across multiple nodes.
+
+4. **HAProxy**: HAProxy is used as a load balancer to distribute traffic to the PostgreSQL and Redis instances. 
+It is configured to perform health checks and route requests to the appropriate backend services.
+
+## Node Failure Tolerance
+
+To ensure Infisical is highly available and fault tolerant, it's important to choose the number of nodes in the cluster. 
+The following table shows the relationship between the number of nodes and the maximum number of nodes that can be down while the cluster continues to function:
+
+| Total Nodes | Max Nodes Down | Min Nodes Required |
+|-------------|----------------|-------------------|
+| 1           | 0              | 1                 |
+| 2           | 0              | 2                 |
+| 3           | 1              | 2                 |
+| 4           | 1              | 3                 |
+| 5           | 2              | 3                 |
+| 6           | 2              | 4                 |
+| 7           | 3              | 4                 |
+
+The formula for calculating the minimum number of nodes required is: `floor(n/2) + 1`, where `n` is the total number of nodes.
+
+This guide will demonstrate a setup with three nodes, which allows for one node to be down while the cluster remains operational. This fault tolerance applies to the following components:
+
+- Redis Sentinel: With three Sentinel instances, one instance can be down, and the remaining two can still form a quorum to make decisions.
+- Redis: With three Redis instances (one master and two replicas), one instance can be down, and the remaining two can continue to provide caching services.
+- PostgreSQL: With three PostgreSQL instances managed by Patroni and etcd, one instance can be down, and the remaining two can maintain data consistency and availability.
+- Manager Nodes: In a Docker Swarm cluster with three manager nodes, one manager node can be down, and the remaining two can continue to manage the cluster. 
+For the sake of simplicity, the example in this guide only contains one manager node.   
+
+It's important to note that while the cluster can tolerate the failure of one node in a three-node setup, it's recommended to have a minimum of three nodes to ensure high availability. 
+With two nodes, the failure of a single node can result in a loss of quorum and potential downtime.
+
+## Docker Deployment Stack 
+
+<Tabs>
+  <Tab title="Docker Swarm stack">
+    ```yaml infisical-stack.yaml
+version: "3"
+
+services:
+  haproxy:
+    image: haproxy:latest
+    ports:
+      - '7001:7000'
+      - '5002:5433'
+      - '5003:5434'
+      - '6379:6379'
+      - '8080:8080'
+    networks:
+    - infisical
+    configs:
+      - source: haproxy-config
+        target: /usr/local/etc/haproxy/haproxy.cfg
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node1
+          
+  infisical:
+    container_name: infisical-backend
+    image: infisical/infisical:v0.60.0-postgres
+    env_file: .env
+    ports:
+      - 80:8080
+    environment:
+      - NODE_ENV=production
+    networks:
+      - infisical
+    secrets:
+      - env_file
+    
+  etcd1:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    networks:
+      - infisical
+    environment:
+      ETCD_UNSUPPORTED_ARCH: arm64
+    container_name: demo-etcd1
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node1
+    hostname: etcd1
+    command: |
+      etcd --name etcd1 
+      --listen-client-urls http://0.0.0.0:2379 
+      --listen-peer-urls=http://0.0.0.0:2380 
+      --advertise-client-urls http://etcd1:2379 
+      --initial-cluster=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380 
+      --initial-advertise-peer-urls=http://etcd1:2380 
+      --initial-cluster-state=new
+
+  etcd2:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    networks:
+      - infisical
+    environment:
+      ETCD_UNSUPPORTED_ARCH: arm64
+    container_name: demo-etcd2
+    hostname: etcd2
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node2
+    command: |
+      etcd --name etcd2 
+      --listen-client-urls http://0.0.0.0:2379 
+      --listen-peer-urls=http://0.0.0.0:2380 
+      --advertise-client-urls http://etcd2:2379 
+      --initial-cluster=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380 
+      --initial-advertise-peer-urls=http://etcd2:2380 
+      --initial-cluster-state=new
+
+  etcd3:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    networks:
+      - infisical
+    environment:
+      ETCD_UNSUPPORTED_ARCH: arm64
+    container_name: demo-etcd3
+    hostname: etcd3
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node3
+    command: |
+      etcd --name etcd3 
+      --listen-client-urls http://0.0.0.0:2379 
+      --listen-peer-urls=http://0.0.0.0:2380 
+      --advertise-client-urls http://etcd3:2379 
+      --initial-cluster=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380 
+      --initial-advertise-peer-urls=http://etcd3:2380 
+      --initial-cluster-state=new
+
+  spolo1:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    container_name: postgres-1
+    networks:
+    - infisical
+    hostname: postgres-1
+    environment:
+        ETCD_HOSTS: etcd1:2379,etcd2:2379,etcd3:2379
+        PGPASSWORD_SUPERUSER: "postgres"
+        PGUSER_SUPERUSER: "postgres"
+        SCOPE: infisical
+    volumes:
+      - postgres_data1:/home/postgres/pgdata
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node1
+
+  spolo2:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    container_name: postgres-2
+    networks:
+    - infisical
+    hostname: postgres-2
+    environment:
+        ETCD_HOSTS: etcd1:2379,etcd2:2379,etcd3:2379
+        PGPASSWORD_SUPERUSER: "postgres"
+        PGUSER_SUPERUSER: "postgres"
+        SCOPE: infisical
+    volumes:
+      - postgres_data2:/home/postgres/pgdata
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node2
+
+  spolo3:
+    image: ghcr.io/zalando/spilo-16:3.2-p2
+    container_name: postgres-3
+    networks:
+    - infisical
+    hostname: postgres-3
+    environment:
+        ETCD_HOSTS: etcd1:2379,etcd2:2379,etcd3:2379
+        PGPASSWORD_SUPERUSER: "postgres"
+        PGUSER_SUPERUSER: "postgres"
+        SCOPE: infisical
+    volumes:
+      - postgres_data3:/home/postgres/pgdata
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node3
+
+
+  redis_replica0:
+    image: bitnami/redis:6.2.10
+    environment:
+      - REDIS_REPLICATION_MODE=master
+      - REDIS_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node1
+
+  redis_replica1:
+    image: bitnami/redis:6.2.10
+    environment:
+      - REDIS_REPLICATION_MODE=slave
+      - REDIS_MASTER_HOST=redis_replica0
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=123456
+      - REDIS_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node2
+
+  redis_replica2:
+    image: bitnami/redis:6.2.10
+    environment:
+      - REDIS_REPLICATION_MODE=slave
+      - REDIS_MASTER_HOST=redis_replica0
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=123456
+      - REDIS_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node3
+
+  redis_sentinel1:
+    image: bitnami/redis-sentinel:6.2.10
+    environment:
+      - REDIS_SENTINEL_QUORUM=2
+      - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=5000
+      - REDIS_SENTINEL_FAILOVER_TIMEOUT=60000
+      - REDIS_SENTINEL_PORT_NUMBER=26379
+      - REDIS_MASTER_HOST=redis_replica1
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node1
+
+  redis_sentinel2:
+    image: bitnami/redis-sentinel:6.2.10
+    environment:
+      - REDIS_SENTINEL_QUORUM=2
+      - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=5000
+      - REDIS_SENTINEL_FAILOVER_TIMEOUT=60000
+      - REDIS_SENTINEL_PORT_NUMBER=26379
+      - REDIS_MASTER_HOST=redis_replica1
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node2
+
+  redis_sentinel3:
+    image: bitnami/redis-sentinel:6.2.10
+    environment:
+      - REDIS_SENTINEL_QUORUM=2
+      - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=5000
+      - REDIS_SENTINEL_FAILOVER_TIMEOUT=60000
+      - REDIS_SENTINEL_PORT_NUMBER=26379
+      - REDIS_MASTER_HOST=redis_replica1
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=123456
+    networks:
+      - infisical
+    deploy:
+      placement:
+        constraints:
+          - node.labels.name == node3
+
+networks:
+  infisical:
+
+
+volumes:
+  postgres_data1:
+  postgres_data2:
+  postgres_data3:
+  postgres_data4:
+  redis0:
+  redis1:
+  redis2:
+
+configs:
+  haproxy-config:
+    file: ./haproxy.cfg
+
+secrets:
+  env_file:
+    file: .env
+    ```
+  </Tab>
+  <Tab title="HA Proxy config">
+    ```text haproxy.cfg
+global
+    maxconn 10000
+    log stdout format raw local0
+
+defaults
+    log global
+    mode tcp
+    retries 3
+    timeout client 30m
+    timeout connect 10s
+    timeout server 30m
+    timeout check 5s
+
+listen stats
+    mode http
+    bind *:7000
+    stats enable
+    stats uri /
+
+resolvers hostdns
+    nameserver dns 127.0.0.11:53
+    resolve_retries 3
+    timeout resolve 1s
+    timeout retry 1s
+    hold valid 5s
+
+frontend master
+    bind *:5433
+    default_backend master_backend
+
+frontend replicas
+    bind *:5434
+    default_backend replica_backend
+
+
+backend master_backend
+    option httpchk GET /master
+    http-check expect status 200
+    default-server inter 3s fall 3 rise 2 on-marked-down shutdown-sessions
+    server postgres-1 postgres-1:5432 check port 8008 resolvers hostdns
+    server postgres-2 postgres-2:5432 check port 8008 resolvers hostdns
+    server postgres-3 postgres-3:5432 check port 8008 resolvers hostdns
+
+backend replica_backend
+    option httpchk GET /replica
+    http-check expect status 200
+    default-server inter 3s fall 3 rise 2 on-marked-down shutdown-sessions
+    server postgres-1 postgres-1:5432 check port 8008 resolvers hostdns
+    server postgres-2 postgres-2:5432 check port 8008 resolvers hostdns
+    server postgres-3 postgres-3:5432 check port 8008 resolvers hostdns
+
+
+frontend redis_frontend
+  bind *:6379
+  default_backend redis_backend
+
+backend redis_backend
+  option tcp-check
+  tcp-check send AUTH\ 123456\r\n
+  tcp-check expect string +OK
+  tcp-check send PING\r\n
+  tcp-check expect string +PONG
+  tcp-check send info\ replication\r\n
+  tcp-check expect string role:master
+  tcp-check send QUIT\r\n
+  tcp-check expect string +OK
+  server redis_master redis_replica0:6379 check inter 1s
+  server redis_replica1 redis_replica1:6379 check inter 1s
+  server redis_replica2 redis_replica2:6379 check inter 1s
+
+frontend infisical_frontend
+  bind *:8080
+  default_backend infisical_backend
+
+backend infisical_backend
+  option httpchk GET /api/status
+  http-check expect status 200
+  server infisical infisical:8080 check inter 1s
+    ```
+  </Tab>
+  <Tab title=".example-env">
+  ```env .env 
+  # Keys
+# Required key for platform encryption/decryption ops
+# THIS IS A SAMPLE ENCRYPTION KEY AND SHOULD NEVER BE USED FOR PRODUCTION
+ENCRYPTION_KEY=6c1fe4e407b8911c104518103505b218
+
+# JWT
+# Required secrets to sign JWT tokens
+# THIS IS A SAMPLE AUTH_SECRET KEY AND SHOULD NEVER BE USED FOR PRODUCTION
+AUTH_SECRET=5lrMXKKWCVocS/uerPsl7V+TX/aaUaI7iDkgl3tSmLE=
+
+DB_CONNECTION_URI=postgres://infisical:infisical@haproxy:5433/infisical?sslmode=no-verify
+# Redis
+REDIS_URL=redis://:123456@haproxy:6379
+
+
+# Website URL
+# Required
+SITE_URL=http://localhost:8080
+
+# Mail/SMTP 
+SMTP_HOST=
+SMTP_PORT=
+SMTP_NAME=
+SMTP_USERNAME=
+SMTP_PASSWORD=
+
+# Integration
+# Optional only if integration is used
+CLIENT_ID_HEROKU=
+CLIENT_ID_VERCEL=
+CLIENT_ID_NETLIFY=
+CLIENT_ID_GITHUB=
+CLIENT_ID_GITLAB=
+CLIENT_ID_BITBUCKET=
+CLIENT_SECRET_HEROKU=
+CLIENT_SECRET_VERCEL=
+CLIENT_SECRET_NETLIFY=
+CLIENT_SECRET_GITHUB=
+CLIENT_SECRET_GITLAB=
+CLIENT_SECRET_BITBUCKET=
+CLIENT_SLUG_VERCEL=
+
+# Sentry (optional) for monitoring errors
+SENTRY_DSN=
+
+# Infisical Cloud-specific configs
+# Ignore - Not applicable for self-hosted version
+POSTHOG_HOST=
+POSTHOG_PROJECT_API_KEY=
+
+# SSO-specific variables
+CLIENT_ID_GOOGLE_LOGIN=
+CLIENT_SECRET_GOOGLE_LOGIN=
+
+CLIENT_ID_GITHUB_LOGIN=
+CLIENT_SECRET_GITHUB_LOGIN=
+
+CLIENT_ID_GITLAB_LOGIN=
+CLIENT_SECRET_GITLAB_LOGIN=
+  ```
+  </Tab>
+</Tabs>
+
+The provided Docker stack YAML file defines the services and their configurations for deploying Infisical with high availability. The main components of this stack are as follows.
+
+1. **HAProxy**: The HAProxy service is configured to expose ports for accessing PostgreSQL (5433 for the master, 5434 for replicas), Redis master (6379), and the Infisical backend (8080). It uses a config file (`haproxy.cfg`) to define the load balancing and health check rules.
+
+2. **Infisical**: The Infisical backend service is deployed with the latest PostgreSQL-compatible image. It is connected to the `infisical` network and uses secrets for environment variables.
+
+3. **etcd**: Three etcd instances (etcd1, etcd2, etcd3) are deployed, one on each node, to provide distributed key-value storage for leader election and configuration management.
+
+4. **Spilo**: Three Spilo instances (spolo1, spolo2, spolo3) are deployed, one on each node, to run PostgreSQL with Patroni for high availability. They are connected to the `infisical` network and use persistent volumes for data storage.
+
+5. **Redis**: Three Redis instances (redis_replica0, redis_replica1, redis_replica2) are deployed, one on each node, with redis_replica0 acting as the master. They are connected to the `infisical` network.
+
+6. **Redis Sentinel**: Three Redis Sentinel instances (redis_sentinel1, redis_sentinel2, redis_sentinel3) are deployed, one on each node, to monitor and manage the Redis instances. They are connected to the `infisical` network.
+
+## HAProxy Configuration
+
+The HAProxy configuration file (`haproxy.cfg`) defines the load balancing and health check rules for the PostgreSQL and Redis instances.
+
+1. **Stats**: This section enables the HAProxy statistics dashboard, accessible at port 7000.
+
+2. **Resolvers**: This section defines the DNS resolver for service discovery, using the Docker embedded DNS server.
+
+3. **Frontend**: There are separate frontend sections for the PostgreSQL master (port 5433), PostgreSQL replicas (port 5434), Redis (port 6379), and the Infisical backend (port 8080). Each frontend binds to the respective port and defines the default backend.
+
+4. **Backend**: The backend sections define the servers and health check rules for each service.
+   - For PostgreSQL, there are separate backends for the master and replicas. The health check is performed using an HTTP request to the `/master` or `/replica` endpoint, expecting a 200 status code.
+   - For Redis, the backend uses a TCP health check with authentication and expects the role to be `master` for the Redis master instance.
+   - For the Infisical backend, the health check is performed using an HTTP request to the `/api/status` endpoint, expecting a 200 status code.
+
+## Setting Up Docker Nodes
+
+1. Initialize Docker Swarm on one of the VMs by running the following command:
+
+   ```
+   docker swarm init --advertise-addr <MANAGER_NODE_IP>
+   ```
+
+   Replace `<MANAGER_NODE_IP>` with the IP address of the VM that will serve as the manager node. Remember to copy the join token returned by the this init command.
+
+2. On the other VMs, join the Docker Swarm by running the command provided by the manager node:
+
+   ```
+   docker swarm join --token <JOIN_TOKEN> <MANAGER_NODE_IP>:2377
+   ```
+
+   Replace `<JOIN_TOKEN>` with the token provided by the manager node during initialization.
+
+3. Label the nodes with `node.labels.name` to specify their roles. For example:
+
+   ```
+   docker node update --label-add name=node1 <NODE1_ID>
+   docker node update --label-add name=node2 <NODE2_ID>
+   docker node update --label-add name=node3 <NODE3_ID>
+   ```
+
+   Replace `<NODE1_ID>`, `<NODE2_ID>`, and `<NODE3_ID>` with the respective node IDs. 
+   To view the list of nodes and their ids, run the following on the manager node `docker node ls`.
+
+## Deploying the Docker Stack
+
+1. Copy the provided Docker stack YAML file and the HAProxy configuration file to the manager node.
+
+2. Deploy the stack using the following command:
+
+   ```
+   docker stack deploy -c infisical-stack.yaml infisical
+   ```
+
+   This command deploys the stack with the specified configuration.
+3. Run the [schema migration](/self-hosting/configuration/schema-migrations) to initialize the database. 
+To connect to the Postgres database, use the following default credentials: username: `postgres` and password: `postgres`. 
+
+## Scaling and Resilience
+
+To further scale and make the system more resilient, you can add more nodes to the Docker Swarm and update the stack configuration accordingly:
+
+1. Add new VMs and join them to the Docker Swarm as worker nodes.
+
+2. Update the Docker stack YAML file to include the new nodes in the `deploy` section of the relevant services, specifying the appropriate `node.labels.name` constraints.
+
+3. Update the HAProxy configuration file (`haproxy.cfg`) to include the new nodes in the backend sections for PostgreSQL and Redis.
+
+4. Redeploy the updated stack using the `docker stack deploy` command.
+
+Note that the database containers (PostgreSQL) are stateful and cannot be simply replicated. Instead, one database instance is deployed per node to ensure data consistency and avoid conflicts.
+
+<Check>Once all services are running as expected, you may visit the IP address of the node where the HA Proxy was deployed. This should take you to the Infisical installation wizard.</Check>

docs/self-hosting/reference-architectures/on-premise.mdx

@@ -1,70 +0,0 @@
----
-title: "On-premise"
-description: "Reference architecture for self-hosting Infisical on premise"
----
-
-Deploying Infisical on-premise with high availability requires deep knowledge in areas like networking, container orchestration, and database management. 
-This guide presents a reference architecture that outlines how to achieve such a deployment effectively. 
-For organizations that do not have the necessary resources or expertise, we recommend opting for managed, dedicated Infisical instances or engaging professional services to mitigate the complexities. 
-
-## System Overview
-![On premise architecture](/images/self-hosting/reference-architectures/on-premise-architecture.png)
-
-The architecture above utilizes a combination of Kubernetes for orchestrating stateless components and virtual machines (VMs) or bare metal for stateful components.
-The infrastructure spans multiple data centers for redundancy and load distribution, enhancing availability and disaster recovery capabilities. 
-You may duplicate the architecture in multiple data centers and join them via Consul to increase availability. This way, if one data center is out of order, active data centers will take over workloads.
-
-### Stateful vs stateless workloads
-
-To reduce the challenges of managing state within Kubernetes, including storage provisioning, persistent volume management, and intricate data backup and recovery processes, we strongly recommend deploying stateful components on Virtual Machines (VMs) or bare metal.
-As depicted in the architecture, Infisical is intentionally deployed on Kubernetes to leverage its strengths in managing stateless applications. 
-Being stateless, Infisical fully benefits from Kubernetes' features like horizontal scaling, self-healing, and rolling updates and rollbacks.
-
-## Core Components
-
-### Kubernetes Cluster
-Infisical is deployed on a Kubernetes cluster, which allows for container management, auto-scaling, and self-healing capabilities. 
-A load balancer sits in front of the Kubernetes cluster, directing traffic and ensuring even load distribution across the application nodes.
-This is the entry point where all other services will interact with Infisical.
-
-
-### Consul as the Networking Backbone
-Consul is an critical component in the reference architecture, serving as a unified service networking layer that links and controls services across different environments and data centers. 
-It functions as the common communication channel between data centers for stateless applications on Kubernetes and stateful services such as databases on dedicated VMs or bare metal.
-
-
-### Postgres with Patroni
-The database layer is powered by Postgres, with [Patroni](https://patroni.readthedocs.io/en/latest/) providing automated management to create a high availability setup. Patroni leverages Consul for several critical operations:
-
-- **Redundancy:** By managing a cluster of one primary and multiple secondary Postgres nodes, the architecture ensures redundancy. 
-The primary node handles all the write operations, and secondary nodes handle read operations and are prepared to step up in case of primary failure.
-
-- **Failover and Service Discovery:** Consul is integrated with Patroni for service discovery and health checks. 
-When Patroni detects that the primary node is unhealthy, it uses Consul to elect a new primary node from the secondaries, thereby ensuring that the database service remains available.
-
-- **Data Center Awareness:** Patroni configured with Consul is aware of the multi-data center setup and can handle failover across data centers if necessary, which further enhances the system's availability.
-
-### Redis with Redis Sentinel
-For caching and message brokering:
-
-- Redis is deployed with a primary-replica setup.
-- Redis Sentinel monitors the Redis nodes, providing automatic failover and service discovery.
-- Write operations go to the primary node, and replicas serve read operations, ensuring data integrity and availability.
-
-## Multi data center deployment
-Infisical can be deployed across a number of data centers to both increase performance and resiliency to disaster scenarios. 
-For mission critical deployment of Infisical, we recommend deploying Infisical on at least 3 data centers to reduce downtime in the event of complete data center malfunction.
-
-### Data Center A
-Data Center A houses the primary nodes of both Postgres and Redis, which handle all write operations. The secondary nodes and replicas serve as hot standbys for failover. Consul servers maintain the state of the cluster, elect a leader, and facilitate service discovery.
-
-### $n^{th}$ data center
-The $n^{th}$ data center acts as a performance and disaster recovery site, featuring a mesh gateway that enables cross-data center service discovery and configuration. It houses additional secondary nodes for Postgres and Redis replicas, which are ready to be promoted in case the primary data center fails. Additionally, this data center can reduce the latency of applications that need to interact with Infisical, particularly if those applications or services are geographically closer to this data center.
-
-## Considerations
-
-The complexity of an on-premise deployment scales with the level of availability required. This reference architecture provides a robust framework for organizations aiming for high availability and disaster resilience. However, it's important to recognize that this is not a one-size-fits-all solution.
-
-Organizations with less stringent Recovery Time Objectives (RTO) might find that [simpler deployments methods](/self-hosting/deployment-options/docker-compose) using tools such as Docker Compose are adequate. Such setups can still provide a reasonable level of service continuity without the complexities involved in managing a multi-data center environment with Kubernetes, Consul, and other high-availability components.
-
-Ultimately, the choice of architecture should be guided by a thorough analysis of business needs, available resources, and expertise.