lldap

docker-compose/traefik/configuration.yml.j2

@@ -75,6 +75,6 @@ authentication_backend:
       group_name: cn
       mail: mail
     user: uid=authelia_bind_user,ou=people,dc=mgrote,dc=net
-    password: '{{ lookup('viczem.keepass.keepass', 'lldap_authelia_bind_user', 'password') }}'
+    password: '{{ lookup('viczem.keepass.keepass', 'lldap/lldap_authelia_bind_user', 'password') }}'
 
 # Details/Doku: https://wiki.mgrote.net/pages/_Technik/hardware/rest/fpv/software/rest/ldap/

group_vars/git.yml

@@ -151,6 +151,6 @@ gitea_fail2ban_jail_action: "iptables-allports"
 gitea_ldap_host: "ldap.mgrote.net"
 gitea_ldap_base_path: "dc=mgrote,dc=net"
 gitea_ldap_bind_user: "forgejo_bind_user"
-gitea_ldap_bind_pass: "{{ lookup('viczem.keepass.keepass', 'lldap_forgejo_bind_user', 'password') }}"
+gitea_ldap_bind_pass: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_forgejo_bind_user', 'password') }}"
 gitea_admin_user: "fadmin"
 gitea_admin_user_pass: "{{ lookup('viczem.keepass.keepass', 'forgejo/forgejoadmin_user_pass', 'password') }}"

group_vars/ldap.yml

@@ -41,13 +41,13 @@ lldap_http_port: 17170
 lldap_http_host: "0.0.0.0"
 lldap_ldap_host: "0.0.0.0"
 lldap_public_url: http://ldap.mgrote.net:17170
-lldap_jwt_secret: "{{ lookup('viczem.keepass.keepass', 'lldap_jwt_secret', 'password') }}"
+lldap_jwt_secret: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_jwt_secret', 'password') }}"
 lldap_ldap_base_dn: "dc=mgrote,dc=net"
 lldap_admin_username: ladmin # only used on setup
-lldap_admin_password: "{{ lookup('viczem.keepass.keepass', 'lldap_ldap_user_pass', 'password') }}" # only used on setup; also bind-secret
+lldap_admin_password: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_ldap_user_pass', 'password') }}" # only used on setup; also bind-secret
 lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup
 lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}"
-lldap_key_seed: "{{ lookup('viczem.keepass.keepass', 'lldap_key_seed', 'password') }}"
+lldap_key_seed: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_key_seed', 'password') }}"
 #lldap_smtp_from: "lldap@mgrote.net" # unused in role
 lldap_smtp_reply_to: "Do not reply <info@mgrote.net>"
 lldap_smtp_server: "docker10.mgrote.net"
@@ -58,6 +58,6 @@ lldap_smtp_enable_password_reset: "true" # must be a string not a boolean
 # "meta vars"; daraus werden die db-url und die postgres-db abgeleitet
 lldap_db_name: "lldap"
 lldap_db_user: "lldap"
-lldap_db_pass: "{{ lookup('viczem.keepass.keepass', 'lldap_db_pass', 'password') }}"
+lldap_db_pass: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}"
 lldap_db_host: "localhost"
 ...