Browse Source

Password lookup called wrong, all generated passwords were 20 chars long, regardless of specification.

Thomas Buck 5 years ago
parent
commit
5215ac9a25

+ 4
- 4
roles/blog/defaults/main.yml View File

@@ -5,14 +5,14 @@ secret: '{{ secret_root + "/" + secret_name }}'
5 5
 
6 6
 # must match values in roles/common
7 7
 db_admin_username: 'postgres'
8
-db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password', length=32) }}"
8
+db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"
9 9
 
10 10
 fathom_db_username: 'fathom'
11
-fathom_db_password: "{{ lookup('password', secret + '/' + 'fathom_db_password', length=32) }}"
11
+fathom_db_password: "{{ lookup('password', secret + '/' + 'fathom_db_password length=32') }}"
12 12
 fathom_db_database: 'fathom'
13 13
 fathom_admin_username: "{{ admin_email }}"
14
-fathom_admin_password: "{{ lookup('password', secret + '/' + 'fathom_admin_password', length=32) }}"
14
+fathom_admin_password: "{{ lookup('password', secret + '/' + 'fathom_admin_password length=32') }}"
15 15
 fathom_internal_port: '9000'
16
-fathom_secret: "{{ lookup('password', secret + '/' + 'fathom_secret', length=32) }}"
16
+fathom_secret: "{{ lookup('password', secret + '/' + 'fathom_secret length=32') }}"
17 17
 fathom_version: '1.2.1'
18 18
 fathom_release: "https://github.com/usefathom/fathom/releases/download/v{{ fathom_version }}/fathom_{{ fathom_version }}_linux_amd64.tar.gz"

+ 1
- 1
roles/common/defaults/main.yml View File

@@ -10,7 +10,7 @@ secret_name: 'secret'
10 10
 secret: '{{ secret_root + "/" + secret_name }}'
11 11
 
12 12
 db_admin_username: 'postgres'
13
-db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password', length=32) }}"
13
+db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"
14 14
 
15 15
 # let's encrypt
16 16
 letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"

+ 2
- 2
roles/mailserver/defaults/main.yml View File

@@ -4,10 +4,10 @@ secret: '{{ secret_root + "/" + secret_name }}'
4 4
 
5 5
 # must match values in roles/common
6 6
 db_admin_username: 'postgres'
7
-db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password', length=32) }}"
7
+db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"
8 8
 
9 9
 mail_db_username: 'mailuser'
10
-mail_db_password: "{{ lookup('password', secret + '/' + 'mail_db_password', length=32) }}"
10
+mail_db_password: "{{ lookup('password', secret + '/' + 'mail_db_password length=32') }}"
11 11
 mail_db_database: 'mailserver'
12 12
 
13 13
 mail_server_hostname: "mail.{{ domain }}"

+ 2
- 2
roles/news/defaults/main.yml View File

@@ -4,7 +4,7 @@ secret: '{{ secret_root + "/" + secret_name }}'
4 4
 
5 5
 selfoss_domain: "news.{{ domain }}"
6 6
 selfoss_db_username: selfoss
7
-selfoss_db_password: "{{ lookup('password', secret + '/' + 'selfoss_db_password', length=32) }}"
7
+selfoss_db_password: "{{ lookup('password', secret + '/' + 'selfoss_db_password length=32') }}"
8 8
 selfoss_db_database: selfoss
9 9
 selfoss_version: 2.16
10 10
 
@@ -14,4 +14,4 @@ selfoss_password_hash: "{{ lookup('password', secret + '/' + 'selfoss_password_h
14 14
 
15 15
 # must match values in roles/common
16 16
 db_admin_username: 'postgres'
17
-db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password', length=32) }}"
17
+db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"

+ 1
- 1
roles/owncloud/defaults/main.yml View File

@@ -4,5 +4,5 @@ secret: '{{ secret_root + "/" + secret_name }}'
4 4
 
5 5
 owncloud_domain: "cloud.{{ domain }}"
6 6
 owncloud_db_username: owncloud
7
-owncloud_db_password: "{{ lookup('password', secret + '/' + 'owncloud_db_password', length=32) }}"
7
+owncloud_db_password: "{{ lookup('password', secret + '/' + 'owncloud_db_password length=32') }}"
8 8
 owncloud_db_database: owncloud

+ 1
- 1
roles/webmail/templates/etc_roundcube_config.inc.j2 View File

@@ -69,7 +69,7 @@ $config['product_name'] = '{{ domain }} Webmail';
69 69
 // in the session record (and the client cookie if remember password is enabled).
70 70
 // please provide a string of exactly 24 chars.
71 71
 // YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
72
-$config['des_key'] = '{{ lookup('password', secret + '/' + 'roundcube_des_key', length=24) }}';
72
+$config['des_key'] = '{{ lookup('password', secret + '/' + 'roundcube_des_key length=24') }}';
73 73
 
74 74
 // List of active plugins (in plugins/ directory)
75 75
 // Debian: install roundcube-plugins first to have any

Loading…
Cancel
Save