[dd.conf] Cleanup some variables

While at it, also ensure that API_SECRET gets rotated when running ./dd-ctl securize
2023-01-11 11:36:53 +01:00 · 2023-01-11 11:36:53 +01:00 · e15a3b760c
parent a72001dea5
commit e15a3b760c
2 changed files with 8 additions and 14 deletions
--- a/4
+++ b/4
@ -894,10 +894,10 @@ securize() {
 			ETHERPAD_POSTGRES_PASSWORD \
 			ETHERPAD_ADMIN_PASSWORD \
 			WORDPRESS_MARIADB_PASSWORD \
-			WORDPRESS_ADMIN_PASSWORD \
-			IPA_ADMIN_PWD; do
+			WORDPRESS_ADMIN_PASSWORD; do
 		setconf "${dd_var}" "$(genpwd)"
 	done
+	setconf "API_SECRET" "$(openssl rand -base64 32)"
 }

 setconf() {
--- a/dd.conf.sample
+++ b/dd.conf.sample
@ -61,9 +61,9 @@ SMTP_PASSWORD=SuperSecret
 SMTP_PROTOCOL=tls

 ## DEFAULT CUSTOM ROLE NAMES
-CUSTOM_ROLE_MANAGER='manager'
-CUSTOM_ROLE_TEACHER='teacher'
-CUSTOM_ROLE_STUDENT='student'
+#CUSTOM_ROLE_MANAGER='manager'
+#CUSTOM_ROLE_TEACHER='teacher'
+#CUSTOM_ROLE_STUDENT='student'


 DDADMIN_USER=ddadmin
@ -73,7 +73,7 @@ DDADMIN_EMAIL=theemail@mymailserver.com
 # ------ Api Secret -----------------------------------------------------------
 ## Generate your own SECRET! (or apply securize script)
 ## openssl rand -base64 32
-API_SECRET=LYY1kVYzbTSQx1yC4AauY7R6X34Jaz6+SY8CNC6RSno=
+#API_SECRET=LYY1kVYzbTSQx1yC4AauY7R6X34Jaz6+SY8CNC6RSno=

 ## ADMINAPP (https://admin.$DOMAIN)
 ##=============================================================================
@ -130,22 +130,16 @@ ETHERPAD_POSTGRES_USER=etherpad
 ETHERPAD_POSTGRES_PASSWORD=3th3rpad
 ### ETHERPAD_API_KEY=NotImplemented

-## POSTGRES (https://sso.$DOMAIN/dd-sso-adminer)
+## POSTGRES
 ##=============================================================================
-### The adminer user/pwd is admin/$KEYCLOAK_PASSWORD
 POSTGRES_USER=admin
 POSTGRES_PASSWORD=postgrespostgres

-## MARIADB (https://sso.$DOMAIN/dd-sso-adminer)
+## MARIADB
 ##=============================================================================
-### The adminer user/pwd is admin/$KEYCLOAK_PASSWORD
 ### MARIADB_USER=root (it is the defaults in the container
 MARIADB_PASSWORD=SuperSecret

-## FREEIPA (disabled)
-##=============================================================================
-IPA_ADMIN_PWD=freeipafreeipa
-
 ## ACCEPT PROXY PROTOCOL ON 8888 (HTTP) AND 561 (HTTPS)
 #PROXY_PROTOCOL=false