Do not show passwords in Ansible output
This role prints passwords in Ansible outputs (e.g. when creating users, etc.). This is a problem because passwords must never appear in plaintext under any circunstances. This commit attempts to fix the problem described above. The option "no_log: true" has been added to tasks which may print passwords during Ansible execution.
This commit is contained in:
David Castellanos
parent
d10f2919b1
commit
01bcbcf167
|
|
@ -33,6 +33,7 @@
|
||||||
password: "{{ mongodb_user_admin_password }}",
|
password: "{{ mongodb_user_admin_password }}",
|
||||||
roles: "userAdminAnyDatabase"
|
roles: "userAdminAnyDatabase"
|
||||||
}
|
}
|
||||||
|
no_log: true
|
||||||
|
|
||||||
- name: create administrative user siteRootAdmin
|
- name: create administrative user siteRootAdmin
|
||||||
mongodb_user:
|
mongodb_user:
|
||||||
|
|
@ -48,6 +49,7 @@
|
||||||
password: "{{ mongodb_root_admin_password }}",
|
password: "{{ mongodb_root_admin_password }}",
|
||||||
roles: "root"
|
roles: "root"
|
||||||
}
|
}
|
||||||
|
no_log: true
|
||||||
|
|
||||||
- name: create backup user "backupuser"
|
- name: create backup user "backupuser"
|
||||||
mongodb_user:
|
mongodb_user:
|
||||||
|
|
@ -63,6 +65,7 @@
|
||||||
password: "{{ mongodb_root_backup_password }}",
|
password: "{{ mongodb_root_backup_password }}",
|
||||||
roles: "backup,clusterMonitor"
|
roles: "backup,clusterMonitor"
|
||||||
}
|
}
|
||||||
|
no_log: true
|
||||||
|
|
||||||
- name: Move back mongod.conf
|
- name: Move back mongod.conf
|
||||||
template: src=mongod.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0644
|
template: src=mongod.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0644
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,7 @@
|
||||||
when: ( mongodb_security_authorization == 'enabled'
|
when: ( mongodb_security_authorization == 'enabled'
|
||||||
and (not mongodb_replication_replset
|
and (not mongodb_replication_replset
|
||||||
or mongodb_replication_replset == '') )
|
or mongodb_replication_replset == '') )
|
||||||
|
no_log: true
|
||||||
tags: [mongodb]
|
tags: [mongodb]
|
||||||
|
|
||||||
- name: Include authorization configuration
|
- name: Include authorization configuration
|
||||||
|
|
@ -60,6 +61,7 @@
|
||||||
and mongodb_replication_replset != ''
|
and mongodb_replication_replset != ''
|
||||||
and mongodb_security_authorization == 'enabled'
|
and mongodb_security_authorization == 'enabled'
|
||||||
and mongodb_master is defined and mongodb_master )
|
and mongodb_master is defined and mongodb_master )
|
||||||
|
no_log: true
|
||||||
tags: [mongodb]
|
tags: [mongodb]
|
||||||
|
|
||||||
- name: create normal users without replicaset
|
- name: create normal users without replicaset
|
||||||
|
|
@ -77,6 +79,7 @@
|
||||||
when: ( mongodb_security_authorization == 'enabled'
|
when: ( mongodb_security_authorization == 'enabled'
|
||||||
and (not mongodb_replication_replset
|
and (not mongodb_replication_replset
|
||||||
or mongodb_replication_replset == '') )
|
or mongodb_replication_replset == '') )
|
||||||
|
no_log: true
|
||||||
tags: [mongodb]
|
tags: [mongodb]
|
||||||
|
|
||||||
- name: Include MMS Agent configuration
|
- name: Include MMS Agent configuration
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue