From f1cc074c0f14170d1a249c71d40439363f1ce4dc Mon Sep 17 00:00:00 2001
From: Aidan Fitzgerald <duckjr159@gmail.com>
Date: Sun, 22 Jul 2018 23:29:57 -0400
Subject: [PATCH] Setup config file for local-only mode, add password
 generation

---
 roles/lokole/defaults/main.yml              |  3 +++
 roles/lokole/tasks/install.yml              | 10 +---------
 roles/lokole/templates/webapp_secrets.sh.j2 | 10 ++--------
 3 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml
index c6d2b6294..0c4da9fac 100644
--- a/roles/lokole/defaults/main.yml
+++ b/roles/lokole/defaults/main.yml
@@ -17,6 +17,9 @@ lokole_abs_path: "{{ lokole_install_path }}/lokole-{{ lokole_version }}"
 
 lokole_venv: "{{ lokole_abs_path }}/venv"
 
+# TODO decide what directory to make this
+lokole_run_directory: "{{ lokole_abs_path }}"
+
 lokole_url: /lokole
 lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}/{{ lokole_url }}"
 
diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml
index 60500966d..b027b65f1 100644
--- a/roles/lokole/tasks/install.yml
+++ b/roles/lokole/tasks/install.yml
@@ -23,18 +23,10 @@
     - download
   when: internet_available
 
-# - name: Generate session key
-#   password:
-#     length: 32
-#     encrypt: no
-#     _terms: /dev/null
-#   tags:
-#     - configure
-
 - name: Configure Lokole
   template:
     src: webapp_secrets.sh.j2
-    dest: {{ lokole_wd }}/webapp_secrets.sh
+    dest: {{ lokole_run_directory }}/webapp_secrets.sh
   tags:
     - configure
 
diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.j2
index 1fec63686..11a2a8a2e 100644
--- a/roles/lokole/templates/webapp_secrets.sh.j2
+++ b/roles/lokole/templates/webapp_secrets.sh.j2
@@ -1,10 +1,4 @@
 export OPWEN_STATE_DIRECTORY='{{lokole_run_directory}}'
-export OPWEN_SESSION_KEY='{{lokole_config_session_key}}'
-export OPWEN_PASSWORD_SALT='{{opwen_webapp_config_password_salt}}'
-export OPWEN_ADMIN_SECRET='{{opwen_webapp_admin_secret}}'
-export OPWEN_REMOTE_ACCOUNT_NAME='{{opwen_webapp_config_remote_account_name}}'
-export OPWEN_REMOTE_ACCOUNT_KEY='{{opwen_webapp_config_remote_account_key}}'
-export OPWEN_CLIENT_ID='{{opwen_webapp_config_client_id}}'
+export OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32 encrypt=no }}'
+export OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16 encrypt=no }}'
 export OPWEN_CLIENT_NAME='iiab-{{ iiab_hostname }}'
-export OPWEN_EMAIL_SERVER_READ_API='{{opwen_server_read_host}}'
-export OPWEN_EMAIL_SERVER_WRITE_API='{{opwen_server_write_host}}'