[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: LDAP bindPassword in Ansible inventory



Well adding this to the inventory file doesn't work (even if the files are copied to masters before hand).

'bindPassword': {'file': '/root/bindPassword.encrypted', 'keyFile': '/root/bindPassword.key'},

Is there any way to encrypt the bindPassword in the inventory file?

On 21 October 2017 at 11:43, Lionel Orellana <lionelve gmail com> wrote:
Looking at the master role it just copies the configuration from the inventory to the config file so I do have to copy the encryption files beforehand. Will have to try if the format in the inventory file is right.
On Sat, 21 Oct 2017 at 9:15 am, Lionel Orellana <lionelve gmail com> wrote:
Hi,

I see there's a way to encrypt an ldap bind password for use in the master configs.

But I'm not sure how this would work in the Ansible inventory configuration for the identity provider. 

If I use an Encrypted External File do I need to copy the file to all the masters first? Or is the playbook going to copy it from the ansible host? 

What should the openshift_master_identity_providers look like?

openshift_master_identity_providers=[{'name': 'my_ldap_provider', ..., 'kind': 'LDAPPasswordIdentityProvider', ..., 'bindPassword': { 'file': 'bindPassword.encrypted'
    'keyFile': 'bindPassword.key'}, ...}]

Thanks


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]