Set the ejabberd postgresql user from an encrypted data bag
This commit is contained in:
parent
2123279cdb
commit
cb75292d7f
|
@ -27,25 +27,18 @@ dpkg_package "ejabberd" do
|
|||
notifies :create, "file[/lib/systemd/system/ejabberd.service]", :immediately
|
||||
end
|
||||
|
||||
postgresql_connection_info = {
|
||||
host: '127.0.0.1',
|
||||
port: 5432,
|
||||
username: 'postgres',
|
||||
password: node['postgresql']['password']['postgres']
|
||||
}
|
||||
postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
|
||||
ejabberd_user_password = postgresql_data_bag_item['ejabberd_user_password']
|
||||
|
||||
postgresql_database 'ejabberd' do
|
||||
connection postgresql_connection_info
|
||||
action :create
|
||||
notifies :run, "execute[create db schema]", :delayed
|
||||
end
|
||||
|
||||
postgresql_database_user 'ejabberd' do
|
||||
connection postgresql_connection_info
|
||||
password 'super_secret'
|
||||
database_name 'ejabberd'
|
||||
privileges [:all]
|
||||
action [:create, :grant]
|
||||
postgresql_user 'ejabberd' do
|
||||
password ejabberd_user_password
|
||||
database 'ejabberd'
|
||||
action [:create]
|
||||
end
|
||||
|
||||
execute "create db schema" do
|
||||
|
@ -58,7 +51,7 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
|
|||
source "ejabberd.yml.erb"
|
||||
mode 0640
|
||||
sensitive true
|
||||
variables pgsql_password: "super_secret"
|
||||
variables pgsql_password: ejabberd_user_password
|
||||
notifies :run, "execute[ejabberdctl reload_config]", :delayed
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue