From a27d74ad2a8235c742f53d2d173b5679647bd576 Mon Sep 17 00:00:00 2001 From: Ernest Mallett Date: Sat, 21 Jun 2025 10:22:00 -0500 Subject: [PATCH] Remove credentials from config file --- config/stacks.yaml | 10 ---------- terraform/modules/proxy_service_stack/main.tf | 12 ++++++++++-- terraform/modules/proxy_service_stack/outputs.tf | 3 --- terraform/modules/proxy_service_stack/versions.tf | 7 +++++++ 4 files changed, 17 insertions(+), 15 deletions(-) delete mode 100644 terraform/modules/proxy_service_stack/outputs.tf create mode 100644 terraform/modules/proxy_service_stack/versions.tf diff --git a/config/stacks.yaml b/config/stacks.yaml index 6042eec..065c6fb 100644 --- a/config/stacks.yaml +++ b/config/stacks.yaml @@ -14,8 +14,6 @@ service_name: "prowlarr" service_port: 9696 image_name: "linuxserver/prowlarr:1.37.0" - username: "default_username" - password: "ProwlarrPassword1!" domain_name: "prowlarr.dcapi.app" ip_address: "192.168.5.22" mounts: @@ -26,8 +24,6 @@ service_name: "sonarr" service_port: 8989 image_name: "linuxserver/sonarr:4.0.14.2939-ls281" - username: "default_username" - password: "SonarrPassword1!" domain_name: "sonarr.dcapi.app" ip_address: "192.168.5.23" mounts: @@ -38,8 +34,6 @@ service_name: "radarr" service_port: 7878 image_name: "linuxserver/radarr:5.26.2" - username: "default_username" - password: "RadarrPassword1!" domain_name: "radarr.dcapi.app" ip_address: "192.168.5.24" mounts: @@ -49,8 +43,6 @@ service_name: "lidarr" service_port: 8686 image_name: "linuxserver/lidarr:2.13.0-develop" - username: "default_username" - password: "LidarrPassword1!" domain_name: "lidarr.dcapi.app" ip_address: "192.168.5.25" mounts: @@ -60,8 +52,6 @@ service_name: "readarr" service_port: 8787 image_name: "linuxserver/readarr:0.4.17-develop" - username: "default_username" - password: "ReadarrPassword1!" domain_name: "readarr.dcapi.app" ip_address: "192.168.5.26" mounts: diff --git a/terraform/modules/proxy_service_stack/main.tf b/terraform/modules/proxy_service_stack/main.tf index bdb5f30..5103257 100644 --- a/terraform/modules/proxy_service_stack/main.tf +++ b/terraform/modules/proxy_service_stack/main.tf @@ -31,6 +31,14 @@ module "service_dns" { //Note: This will still require manually navigating to the service and setting up the credentials on the first run +resource "random_password" "service_password" { + for_each = var.stack.services + + length = 24 + special = true + override_special = "!#$%&*()-_=+[]{}<>:?" +} + module "authentication" { source = "../proxy_auth" for_each = var.stack.services @@ -45,8 +53,8 @@ module "authentication" { user_to_add_to_access_group = var.admin_username access_group_attributes = jsonencode( { - "${each.value.service_name}_username" : each.value.username, - "${each.value.service_name}_password" : each.value.password + "${each.value.service_name}_username" : "admin", + "${each.value.service_name}_password" : random_password.service_password[each.key].result } ) } \ No newline at end of file diff --git a/terraform/modules/proxy_service_stack/outputs.tf b/terraform/modules/proxy_service_stack/outputs.tf deleted file mode 100644 index 32f1867..0000000 --- a/terraform/modules/proxy_service_stack/outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "container_names" { - value = [for docker in module.service_docker : docker.name] -} \ No newline at end of file diff --git a/terraform/modules/proxy_service_stack/versions.tf b/terraform/modules/proxy_service_stack/versions.tf new file mode 100644 index 0000000..f93f9ae --- /dev/null +++ b/terraform/modules/proxy_service_stack/versions.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + random = { + source = "hashicorp/random" + } + } +} \ No newline at end of file