Skip to content

Commit

Permalink
Password in quotes and explicit hash type
Browse files Browse the repository at this point in the history
  • Loading branch information
@ingalls
ingalls committed Oct 23, 2024
1 parent 69f2bdd commit 02d141a
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
16 changes: 8 additions & 8 deletions cloudformation/lib/api.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -230,15 +230,15 @@ export default {
ContainerPort: 389
}],
Environment: [
{ Name: 'StackName', Value: cf.stackName },
{ Name: 'AWS_DEFAULT_REGION', Value: cf.region },
{ Name: 'LDAP_ORGANISATION', Value: cf.ref('LDAPOrganisation') },
{ Name: 'LDAP_DOMAIN', Value: cf.ref('LDAPDomain') },
{ Name: 'LDAP_ADMIN_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:username:AWSCURRENT}}') },
{ Name: 'LDAP_ADMIN_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_SVC_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_SVC_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:password:AWSCURRENT}}') },
{ Name: 'StackName', Value: cf.stackName },
{ Name: 'AWS_DEFAULT_REGION', Value: cf.region },
{ Name: 'LDAP_ORGANISATION', Value: cf.ref('LDAPOrganisation') },
{ Name: 'LDAP_DOMAIN', Value: cf.ref('LDAPDomain') },
{ Name: 'LDAP_ADMIN_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:username:AWSCURRENT}}') },
{ Name: 'LDAP_ADMIN_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_CONFIG_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:password:AWSCURRENT}}') }
{ Name: 'LDAP_SVC_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:username:AWSCURRENT}}') },
{ Name: 'LDAP_SVC_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:password:AWSCURRENT}}') },
],
LogConfiguration: {
LogDriver: 'awslogs',
Expand Down
2 changes: 1 addition & 1 deletion start
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ TLD="$(echo "${LDAP_DOMAIN}" | sed 's/^.*\.//')"
echo "ORG: ${ORG}"
echo "TLD: ${TLD}"

SERVICE_PASSWORD="$(slappasswd -s ${LDAP_SVC_PASSWORD})"
SERVICE_PASSWORD="$(slappasswd -h "{SSHA}" -s "${LDAP_SVC_PASSWORD}")"

for filename in /container/templates/*.ldif; do
echo "Building ${filename}"
Expand Down

0 comments on commit 02d141a

Please sign in to comment.