Update main.yml

2025-03-09 15:40:17 +00:00 · 2018-10-15 03:42:04 -04:00 · 2018-10-15 03:42:04 -04:00 · d2543f625b
commit d2543f625b
parent d9765e8c1b
1 changed files with 17 additions and 2 deletions
--- a/roles/iiab-admin/defaults/main.yml
+++ b/roles/iiab-admin/defaults/main.yml
@ -1,6 +1,21 @@
 # Must keep roles/0-init/defaults/main.yml sync'd ?  (Seems no longer true as of 2018-10-15)

-iiab_admin_install: True
+# Set iiab_admin_user_install: False if you don't want iiab_admin_user & wheel
+# group auto-created in roles/iiab-admin/tasks/main.yml (hence disabling sudo-
+# checks/warnings of published passwds like pi/raspberry & iiab-admin/g0adm1n).
+iiab_admin_user_install: True
+# If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing
+# Linux user that has sudo access, for login to Admin Console http://box/admin

-# Oddly this is used by roles/usb-lib/tasks/main.yml to set group perm for /library/www/html/local_content
+# ODDLY THIS IS ALSO USED BY roles/usb-lib/tasks/main.yml to set group perm for /library/www/html/local_content
 iiab_admin_user: iiab-admin
+
+# For live checks/alerts on published pwds
+iiab_admin_published_pwd: g0adm1n
+
+# Password hash to override above, if Ansible creates above user:
+iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop.
+# Obtain a password hash - NEW MORE SECURE WAY:
+#    python3 -c 'import crypt; print(crypt.crypt("<plaintext>", crypt.mksalt(crypt.METHOD_SHA512)))'
+# Obtain a password hash - OLD WAY:
+#    python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'