From 3a908cb9ace4ea8a6650b714aa143097032a614c Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 14:50:09 +0100 Subject: [PATCH] lldap --- docker-compose/traefik/configuration.yml.j2 | 2 +- group_vars/git.yml | 2 +- group_vars/ldap.yml | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index c71e84a9..6db79cef 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -75,6 +75,6 @@ authentication_backend: group_name: cn mail: mail user: uid=authelia_bind_user,ou=people,dc=mgrote,dc=net - password: '{{ lookup('viczem.keepass.keepass', 'lldap_authelia_bind_user', 'password') }}' + password: '{{ lookup('viczem.keepass.keepass', 'lldap/lldap_authelia_bind_user', 'password') }}' # Details/Doku: https://wiki.mgrote.net/pages/_Technik/hardware/rest/fpv/software/rest/ldap/ diff --git a/group_vars/git.yml b/group_vars/git.yml index e60d4252..a4bd879a 100644 --- a/group_vars/git.yml +++ b/group_vars/git.yml @@ -151,6 +151,6 @@ gitea_fail2ban_jail_action: "iptables-allports" gitea_ldap_host: "ldap.mgrote.net" gitea_ldap_base_path: "dc=mgrote,dc=net" gitea_ldap_bind_user: "forgejo_bind_user" -gitea_ldap_bind_pass: "{{ lookup('viczem.keepass.keepass', 'lldap_forgejo_bind_user', 'password') }}" +gitea_ldap_bind_pass: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_forgejo_bind_user', 'password') }}" gitea_admin_user: "fadmin" gitea_admin_user_pass: "{{ lookup('viczem.keepass.keepass', 'forgejo/forgejoadmin_user_pass', 'password') }}" diff --git a/group_vars/ldap.yml b/group_vars/ldap.yml index d9fefb71..77b0ae1e 100644 --- a/group_vars/ldap.yml +++ b/group_vars/ldap.yml @@ -41,13 +41,13 @@ lldap_http_port: 17170 lldap_http_host: "0.0.0.0" lldap_ldap_host: "0.0.0.0" lldap_public_url: http://ldap.mgrote.net:17170 -lldap_jwt_secret: "{{ lookup('viczem.keepass.keepass', 'lldap_jwt_secret', 'password') }}" +lldap_jwt_secret: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_jwt_secret', 'password') }}" lldap_ldap_base_dn: "dc=mgrote,dc=net" lldap_admin_username: ladmin # only used on setup -lldap_admin_password: "{{ lookup('viczem.keepass.keepass', 'lldap_ldap_user_pass', 'password') }}" # only used on setup; also bind-secret +lldap_admin_password: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_ldap_user_pass', 'password') }}" # only used on setup; also bind-secret lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}" -lldap_key_seed: "{{ lookup('viczem.keepass.keepass', 'lldap_key_seed', 'password') }}" +lldap_key_seed: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_key_seed', 'password') }}" #lldap_smtp_from: "lldap@mgrote.net" # unused in role lldap_smtp_reply_to: "Do not reply " lldap_smtp_server: "docker10.mgrote.net" @@ -58,6 +58,6 @@ lldap_smtp_enable_password_reset: "true" # must be a string not a boolean # "meta vars"; daraus werden die db-url und die postgres-db abgeleitet lldap_db_name: "lldap" lldap_db_user: "lldap" -lldap_db_pass: "{{ lookup('viczem.keepass.keepass', 'lldap_db_pass', 'password') }}" +lldap_db_pass: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}" lldap_db_host: "localhost" ...