EDUCATIC
/
digitaldemocratic
mirror of https://gitlab.com/digitaldemocratic/digitaldemocratic
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[dd.conf] Cleanup some variables 

While at it, also ensure that API_SECRET gets rotated when running
./dd-ctl securize
merge-requests/64/head
Evilham 2023-01-11 11:36:53 +01:00
parent a72001dea5
commit e15a3b760c
No known key found for this signature in database
GPG Key ID: AE3EE30D970886BF
2 changed files with 8 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dd-ctl
View File

@ -894,10 +894,10 @@ securize() {
ETHERPAD_POSTGRES_PASSWORD \ ETHERPAD_POSTGRES_PASSWORD \
ETHERPAD_ADMIN_PASSWORD \ ETHERPAD_ADMIN_PASSWORD \
WORDPRESS_MARIADB_PASSWORD \ WORDPRESS_MARIADB_PASSWORD \
WORDPRESS_ADMIN_PASSWORD \ WORDPRESS_ADMIN_PASSWORD; do
IPA_ADMIN_PWD; do
setconf "${dd_var}" "$(genpwd)" setconf "${dd_var}" "$(genpwd)"
done done
setconf "API_SECRET" "$(openssl rand -base64 32)"
} }
setconf() { setconf() {

18
dd.conf.sample
View File

@ -61,9 +61,9 @@ SMTP_PASSWORD=SuperSecret
SMTP_PROTOCOL=tls SMTP_PROTOCOL=tls
## DEFAULT CUSTOM ROLE NAMES ## DEFAULT CUSTOM ROLE NAMES
CUSTOM_ROLE_MANAGER='manager' #CUSTOM_ROLE_MANAGER='manager'
CUSTOM_ROLE_TEACHER='teacher' #CUSTOM_ROLE_TEACHER='teacher'
CUSTOM_ROLE_STUDENT='student' #CUSTOM_ROLE_STUDENT='student'
DDADMIN_USER=ddadmin DDADMIN_USER=ddadmin
@ -73,7 +73,7 @@ DDADMIN_EMAIL=theemail@mymailserver.com
# ------ Api Secret ----------------------------------------------------------- # ------ Api Secret -----------------------------------------------------------
## Generate your own SECRET! (or apply securize script) ## Generate your own SECRET! (or apply securize script)
## openssl rand -base64 32 ## openssl rand -base64 32
API_SECRET=LYY1kVYzbTSQx1yC4AauY7R6X34Jaz6+SY8CNC6RSno= #API_SECRET=LYY1kVYzbTSQx1yC4AauY7R6X34Jaz6+SY8CNC6RSno=
## ADMINAPP (https://admin.$DOMAIN) ## ADMINAPP (https://admin.$DOMAIN)
##============================================================================= ##=============================================================================
@ -130,22 +130,16 @@ ETHERPAD_POSTGRES_USER=etherpad
ETHERPAD_POSTGRES_PASSWORD=3th3rpad ETHERPAD_POSTGRES_PASSWORD=3th3rpad
### ETHERPAD_API_KEY=NotImplemented ### ETHERPAD_API_KEY=NotImplemented
## POSTGRES (https://sso.$DOMAIN/dd-sso-adminer) ## POSTGRES
##============================================================================= ##=============================================================================
### The adminer user/pwd is admin/$KEYCLOAK_PASSWORD
POSTGRES_USER=admin POSTGRES_USER=admin
POSTGRES_PASSWORD=postgrespostgres POSTGRES_PASSWORD=postgrespostgres
## MARIADB (https://sso.$DOMAIN/dd-sso-adminer) ## MARIADB
##============================================================================= ##=============================================================================
### The adminer user/pwd is admin/$KEYCLOAK_PASSWORD
### MARIADB_USER=root (it is the defaults in the container ### MARIADB_USER=root (it is the defaults in the container
MARIADB_PASSWORD=SuperSecret MARIADB_PASSWORD=SuperSecret
## FREEIPA (disabled)
##=============================================================================
IPA_ADMIN_PWD=freeipafreeipa
## ACCEPT PROXY PROTOCOL ON 8888 (HTTP) AND 561 (HTTPS) ## ACCEPT PROXY PROTOCOL ON 8888 (HTTP) AND 561 (HTTPS)
#PROXY_PROTOCOL=false #PROXY_PROTOCOL=false