Overview
Rousseau needs credentials for every backend it touches: API keys for LLM providers, bot tokens for chat transports, IMAP/SMTP passwords, cloud auth. This guide covers where they should live in production.
Three postures
Best for personal workstations and one-off daemons.
export ANTHROPIC_API_KEY='sk-ant-…'
export ROUSSEAU_SLACK_APP_TOKEN='xapp-…'
export ROUSSEAU_SLACK_BOT_TOKEN='xoxb-…'
Under systemd user units, the same idea in the [Service] section:
Environment=ROUSSEAU_LOG_FORMAT=json
EnvironmentFile=%h/.config/rousseau/secrets.env
Set secrets.env to chmod 600. Never commit it. Use direnv for shells.
Acceptable when the machine is single-tenant and the file is 0600.
install -m 0600 /dev/null ~/.config/rousseau/config.yaml
$EDITOR ~/.config/rousseau/config.yaml
Never commit config.yaml. If versioning config, keep a config.example.yaml and gitignore the real one.
Best for shared/production infrastructure. Two common patterns:
- systemd LoadCredential — put the secret in a manager (Vault,
sops, GCP Secret Manager), fetch it in a pre-start unit, hand it to rousseau viaLoadCredential=which exposes it under${CREDENTIALS_DIRECTORY}.
[Service]
LoadCredential=anthropic:%t/rousseau/anthropic
ExecStartPre=/usr/local/bin/fetch-secret anthropic > %t/rousseau/anthropic
ExecStart=/bin/sh -c 'export ANTHROPIC_API_KEY=$$(cat ${CREDENTIALS_DIRECTORY}/anthropic); exec rousseau slack'
- Vault agent template — Vault Agent renders
secrets.envand pushes SIGHUP to rousseau. Simpler and works withEnvironmentFile=.
Per-transport map
| Field | YAML | Env |
|---|---|---|
| Anthropic API key | anthropic.api_key |
ANTHROPIC_API_KEY (magic) |
| Bedrock | AWS credential chain | AWS_PROFILE, AWS_REGION |
| Vertex | vertex.credentials_file |
GOOGLE_APPLICATION_CREDENTIALS |
| Slack app token | slack.app_token |
ROUSSEAU_SLACK_APP_TOKEN |
| Slack bot token | slack.bot_token |
ROUSSEAU_SLACK_BOT_TOKEN |
| Discord | discord.token |
ROUSSEAU_DISCORD_TOKEN |
| Telegram | telegram.token |
ROUSSEAU_TELEGRAM_TOKEN |
| Matrix | matrix.access_token |
ROUSSEAU_MATRIX_ACCESS_TOKEN |
| Email IMAP pw | email.imap_password |
ROUSSEAU_EMAIL_IMAP_PASSWORD |
| Email SMTP pw | email.smtp_password |
ROUSSEAU_EMAIL_SMTP_PASSWORD |
| SMS (Twilio) | sms.auth_token |
ROUSSEAU_SMS_AUTH_TOKEN |
| iMessage | imessage.password |
ROUSSEAU_IMESSAGE_PASSWORD |
Rotation discipline
- Rotate LLM API keys quarterly. Bedrock/Vertex use the cloud IAM lifecycle instead.
- Rotate bot tokens whenever an operator leaves the org.
- After any suspected secret leak, revoke via the provider console first, then re-issue.
Detection
- Enable
govulncheckand secret-scanning in CI (trufflehog,gitleaks). - Grep
journalctl -u rousseau-*.serviceforsk-ant-fragments — rousseau logs mask sensitive fields (mask()ininternal/cli/doctor.go), but callers should audit any custom code.
Anti-patterns
- Committing
config.yamlto a public repository. export ANTHROPIC_API_KEY=sk-…in.bashrcon a shared host.- Storing secrets in the same directory as the workspace bind mount.
- Reusing a Slack app token across production and dev workspaces.