From 83cc540bfca87597c5d84a614c795e0c14b0f92c Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 15 Oct 2020 04:51:28 -0400
Subject: [PATCH] Update: iiab-admin/defaults/main.yml

---
 roles/iiab-admin/defaults/main.yml | 29 ++++++++++-------------------
 1 file changed, 10 insertions(+), 19 deletions(-)

diff --git a/roles/iiab-admin/defaults/main.yml b/roles/iiab-admin/defaults/main.yml
index 080962fbf..34cc7865f 100644
--- a/roles/iiab-admin/defaults/main.yml
+++ b/roles/iiab-admin/defaults/main.yml
@@ -1,24 +1,15 @@
-# Must keep roles/0-init/defaults/main.yml sync'd ?  (Seems no longer true as of 2018-10-15)
+# Please read more about the 'iiab-admin' Linux user, for login to IIAB's
+# Admin Console (http://box.lan/admin) AND to help you at the command-line:
+# https://github.com/iiab/iiab/tree/master/roles/iiab-admin
+# https://github.com/iiab/iiab-admin-console/blob/master/Authentication.md
 
-# Set iiab_admin_user_install: False if you don't want iiab_admin_user & wheel
-# group auto-created in roles/iiab-admin/tasks/main.yml (hence disabling sudo-
-# checks/warnings of published passwds like pi/raspberry & iiab-admin/g0adm1n).
+# iiab_admin_user: iiab-admin    # Some prefer to reuse 'pi' or 'ubuntu' etc.
+
+# Set iiab_admin_user_install: False if you don't want iiab_admin_user auto-
+# configured e.g. by IIAB's 1-line installer & iiab-admin/tasks/admin-user.yml
 # iiab_admin_user_install: True
-# If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing
-# Linux user that has sudo access, for login to Admin Console http://box/admin
-
-# ODDLY THIS IS ALSO USED BY roles/usb-lib/tasks/main.yml TO SET GROUP PERM FOR /library/www/html/local_content (ISN'T {{ apache_user }} MORE APPROPRIATE?)
-# iiab_admin_user: iiab-admin
-
-# For live checks/alerts of published pwds
-# iiab_admin_published_pwd: g0adm1n
-
-# Password hash to override above, if Ansible creates above user:
-# iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop.
-# Obtain a password hash - NEW MORE SECURE WAY:
-#    python3 -c 'import crypt; print(crypt.crypt("<plaintext>", crypt.mksalt(crypt.METHOD_SHA512)))'
-# Obtain a password hash - OLD WAY:
-#    python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'
+# iiab_admin_can_sudo: True   # For /usr/bin/iiab-* support commands. Optional.
+# iiab_admin_published_pwd: g0adm1n   # Default password. For pwd warnings too.
 
 # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!