Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / a414dff1ac53640268c1694100aea524b6dff1c7^! / . / defaults / secrets.yml
commita414dff1ac53640268c1694100aea524b6dff1c7[log] [tgz]
authorsgarbuz <sgarbuz@mirantis.com>Wed Mar 20 15:56:03 2019 +0200
committerazvyagintsev <azvyagintsev@mirantis.com>Wed Mar 27 17:39:37 2019 +0200
treea95a85321cf33f0c7ff68b8d05d23965d78663af
parent612afd81da304deeff45f60c45405260fe338948 [diff] [blame]
Drop odd keys from structure

 * Disable root login by default
 * Drop odd lab users|key

Depends-On: https://gerrit.mcp.mirantis.com/#/c/37337/

Change-Id: I052696aa4662251dfe9db76759fbca18985b8e79
Related-Prod: PROD-27456 (PROD:27456)

diff --git a/defaults/secrets.yml b/defaults/secrets.yml
new file mode 100644
index 0000000..65b7bce
--- /dev/null
+++ b/defaults/secrets.yml

@@ -0,0 +1,82 @@
+# All commented params just for reference, should be auto-generated
+# Actually all must be genertated but keep some uncommented for backward
+# compatibility.
+parameters:
+  _param:
+#   PostgreSQL
+#    postgresql_admin_user_password: <<CHANGEME>>
+#    postgresql_client_password: <<CHANGEME>>
+#    rundeck_db_user_password: <<CHANGEME>>
+#    sfdc_db_user_password: <<CHANGEME>>
+#    alertmanager_db_user_password: <<CHANGEME>>
+#    pushkin_db_user_password: <<CHANGEME>>
+#    postgresql_billometer_password: <<CHANGEME>>
+#    postgresql_graphite_password: <<CHANGEME>>
+
+#   Opencontrail
+    opencontrail_identity_password: contrail123
+#    opencontrail_stats_password: <<CHANGEME>>
+    opencontrail_message_queue_password: guest
+
+#   RabbitMQ
+#    rabbitmq_monitor_password: <<CHANGEME>>
+#    rabbitmq_admin_password: <<CHANGEME>>
+    rabbitmq_guest_password: guest
+#    rabbitmq_billometer_password: <<CHANGEME>>
+#    rabbitmq_graphite_password: <<CHANGEME>>
+#    rabbitmq_cold_password: <<CHANGEME>>
+#    rabbitmq_secret_key: <<CHANGEME>>
+
+#   Keepalived
+#    keepalived_k8s_apiserver_vip_password: <<CHANGEME>>
+#    keepalived_openstack_web_public_vip_password: <<CHANGEME>>
+#    keepalived_openstack_baremetal_password: <<CHANGEME>>
+    keepalived_openstack_telemetry_vip_password: password
+#    keepalived_openstack_manila_vip_password: <<CHANGEME>>
+#    keepalived_openstack_barbican_vip_password: <<CHANGEME>>
+
+#   Jenkins
+#    jenkins_admin_password: <<CHANGEME>>
+#    jenkins_client_password: <<CHANGEME>>
+#    jenkins_security_ldap_manager_password: <<CHANGEME>>
+#    oss_jenkins_password: <<CHANGEME>>
+
+#   Gerrit/LDAP
+    gerrit_ldap_bind_password: password
+
+#   Docker
+#    keycloak_admin_password: <<CHANGEME>>
+#    kqueen_api_ldap_password: <<CHANGEME>>
+#    kqueen_credentials:
+#      kqueen_api_admin_password: <<CHANGEME>>
+#    pushkin_email_sender_password: <<CHANGEME>>
+#    sfdc_password: <<CHANGEME>>
+
+#   Billometer
+#    keystone_billometer_password: <<CHANGEME>>
+
+#   Nova
+#    metadata_password: <<CHANGEME>>
+#    nova_compute_ssh_public: <<CHANGEME>>
+#    nova_compute_ssh_private: <<CHANGEME>>
+
+
+#   Grafana
+#    grafana_password: <<CHANGEME>>
+#    grafana_database_password: <<CHANGEME>>
+
+#   Keystone
+#    keystone_admin_password: <<CHANGEME>>
+#    mysql_admin_password: <<CHANGEME>>
+#    mysql_keystone_password: <<CHANGEME>>
+
+#   Kubernetes
+    kubernetes_openstack_provider_cloud_password: password
+
+#   Galera
+#    galera_clustercheck_password: <<CHANGEME>>
+
+#    Generic
+#    root_private_key:
+#    root_public_key:
+