Sets a password for LAM config

2020-08-25 09:32:19 +02:00 · 2020-08-25 09:32:19 +02:00 · 2be2f8ead5
parent f9a8baa956
commit 2be2f8ead5
2 changed files with 23 additions and 2 deletions
--- a/manifests/lam.pp
+++ b/manifests/lam.pp
@ -11,7 +11,7 @@ class wmdeit_ldap::lam(
 	$master_password_salt = "ABCD1234",

 	$configs = {
-		"wmde" => ""
+		"wmde" => {}
 	}

 ) {
@ -83,6 +83,26 @@ class wmdeit_ldap::lam(
 	}

 	$configs.each | String $name, $conf | {
+		$password =  $conf['password'] ? {
+			undef          => '1234',
+			default        => $conf['password'],
+		}
+		$password_salt =  $conf['password_salt'] ? {
+			undef          => '5678',
+			default        => $conf['password_salt'],
+		}
+
+		$encoded_password= strip (regsubst(
+			generate ("/bin/sh", "-c", "echo -n $password$password_salt | openssl dgst -binary -sha1 | openssl base64")
+		, '\n', "\n "))
+
+		$encoded_password_salt = strip(regsubst(
+		 generate("/bin/sh","-c", "echo -n $password_salt | openssl base64")
+		,  '\n', "\n "))
+
+
+
+
 		file {"$docroot/config/$name.conf":
 			ensure => file,
 			content => template("wmdeit_ldap/wmde.conf.erb"),
--- a/templates/wmde.conf.erb
+++ b/templates/wmde.conf.erb
@ -13,7 +13,8 @@ ServerURL: ldap://localhost:389
 Admins: cn=admin,dc=wikimedia,dc=de

 # password to change these preferences via webfrontend (default: lam)
-Passwd: {SSHA}T7uRmkbOgzr9k0BVJi1GvqqwJJQ= iaZAeQ==
+#Passwd: {SSHA}T7uRmkbOgzr9k0BVJi1GvqqwJJQ= iaZAeQ==
+Passwd: {SSHA}<%= @encoded_password %> <%= @encoded_password_salt %>

 # suffix of tree view
 # e.g. dc=yourdomain,dc=org