From 83cc540bfca87597c5d84a614c795e0c14b0f92c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 15 Oct 2020 04:51:28 -0400 Subject: [PATCH] Update: iiab-admin/defaults/main.yml --- roles/iiab-admin/defaults/main.yml | 29 ++++++++++------------------- 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/roles/iiab-admin/defaults/main.yml b/roles/iiab-admin/defaults/main.yml index 080962fbf..34cc7865f 100644 --- a/roles/iiab-admin/defaults/main.yml +++ b/roles/iiab-admin/defaults/main.yml @@ -1,24 +1,15 @@ -# Must keep roles/0-init/defaults/main.yml sync'd ? (Seems no longer true as of 2018-10-15) +# Please read more about the 'iiab-admin' Linux user, for login to IIAB's +# Admin Console (http://box.lan/admin) AND to help you at the command-line: +# https://github.com/iiab/iiab/tree/master/roles/iiab-admin +# https://github.com/iiab/iiab-admin-console/blob/master/Authentication.md -# Set iiab_admin_user_install: False if you don't want iiab_admin_user & wheel -# group auto-created in roles/iiab-admin/tasks/main.yml (hence disabling sudo- -# checks/warnings of published passwds like pi/raspberry & iiab-admin/g0adm1n). +# iiab_admin_user: iiab-admin # Some prefer to reuse 'pi' or 'ubuntu' etc. + +# Set iiab_admin_user_install: False if you don't want iiab_admin_user auto- +# configured e.g. by IIAB's 1-line installer & iiab-admin/tasks/admin-user.yml # iiab_admin_user_install: True -# If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing -# Linux user that has sudo access, for login to Admin Console http://box/admin - -# ODDLY THIS IS ALSO USED BY roles/usb-lib/tasks/main.yml TO SET GROUP PERM FOR /library/www/html/local_content (ISN'T {{ apache_user }} MORE APPROPRIATE?) -# iiab_admin_user: iiab-admin - -# For live checks/alerts of published pwds -# iiab_admin_published_pwd: g0adm1n - -# Password hash to override above, if Ansible creates above user: -# iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. -# Obtain a password hash - NEW MORE SECURE WAY: -# python3 -c 'import crypt; print(crypt.crypt("", crypt.mksalt(crypt.METHOD_SHA512)))' -# Obtain a password hash - OLD WAY: -# python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' +# iiab_admin_can_sudo: True # For /usr/bin/iiab-* support commands. Optional. +# iiab_admin_published_pwd: g0adm1n # Default password. For pwd warnings too. # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!