infra/ansible
4
5
Fork 5
Code Issues 6 Pull Requests 3 Activity

Use ansible vault for secrets #23

New Issue
Closed
opened 2019-02-19 07:53:08 +01:00 by moepman · 5 comments
moepman commented 2019-02-19 07:53:08 +01:00
Owner
Copy Link

At least the following files have passwords or secrets which need to be changed from hard coded strings to variables derived from the ansible vault:

  • roles/bk-dss/templates/config.cfg.j2
  • roles/dhcpd/templates/dhcp/dhcpd.conf.j2
  • roles/slapd/templates/slapd.conf.j2
At least the following files have passwords or secrets which need to be changed from hard coded strings to variables derived from the ansible vault: * roles/bk-dss/templates/config.cfg.j2 * roles/dhcpd/templates/dhcp/dhcpd.conf.j2 * roles/slapd/templates/slapd.conf.j2
moepman commented 2019-03-25 14:23:53 +01:00
Author
Owner
Copy Link

roles/bk-dss/templates/config.cfg.j2 fixed in 407409010e

roles/bk-dss/templates/config.cfg.j2 fixed in 407409010ee98ef66c8f60ba31d334c1f751b762
moepman commented 2020-02-03 18:43:38 +01:00
Author
Owner
Copy Link

roles/dhcpd/templates/dhcp/dhcpd.conf.j2 fixed in 3e27ad3bde

roles/dhcpd/templates/dhcp/dhcpd.conf.j2 fixed in 3e27ad3bde3a7efd81b040eaad8d2a414386a096
moepman commented 2020-02-03 19:24:04 +01:00
Author
Owner
Copy Link

roles/slapd/templates/slapd.conf.j2 fixed in 786ecd554f

roles/slapd/templates/slapd.conf.j2 fixed in 786ecd554f9f2b693cf7bbcdb948b2e2d30e49cd
moepman commented 2020-02-17 22:23:03 +01:00
Author
Owner
Copy Link

roles/mail/files/rspamd/local.d/worker-controller.inc needs fixing

roles/mail/files/rspamd/local.d/worker-controller.inc needs fixing
moepman reopened this issue 2020-02-17 22:23:03 +01:00
kishi commented 2020-02-29 20:54:07 +01:00
Owner
Copy Link

roles/mail/files/rspamd/local.d/worker-controller.inc contains only hashes. additionally these passwords are unused as the controller is bound to localhost only, which is exempt from password checks.

roles/mail/files/rspamd/local.d/worker-controller.inc contains only hashes. additionally these passwords are unused as the controller is bound to localhost only, which is exempt from password checks.
kishi closed this issue 2020-02-29 20:54:07 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
bug

   
duplicate

   
enhancement

   
help wanted

   
invalid

   
question

   
security

   
wontfix
No Label
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
2020 Q1
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: infra/ansible#23
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?