Skip to content

Change admin password? #6

New issue
New issue
Open
Open
Change admin password?#6
@fabricesemti80

Description

@fabricesemti80
fabricesemti80
opened on Jul 13, 2023

I am not sure how feasible it is, but in my user case, I struggled a bit to change the starting admin password, as I did not want to leave it as admin:admin

I did what it described here - well, sort of...

I modified the pre-install.sh:

#!/bin/bash

# this script creates random passwords
# and updates the .env file

# create a new environment file

# random password for Database connection
RANDOMPASSWORD=`date +%s | sha256sum | base64 | head -c 32`
ADMINPASSWORD='changeme'
CODEPASSWORD='changeme'

# the hostname which we can use in order to access rundeck
# from the outside.
# we set this to the hostname of the docker host
GRAILS_HOST_NAME=`hostname`

(cat >.env) <<EOF
# a random password for database connection
RUNDECK_DATABASE_USERNAME=rundeck
RUNDECK_DATABASE_PASSWORD=$RANDOMPASSWORD
RUNDECK_DATABASE_DRIVER=org.mariadb.jdbc.Driver
RUNDECK_GRAILS_URL=http://${GRAILS_HOST_NAME}:4440
RUNDECK_DATABASE_URL=jdbc:mysql://mariadb/rundeck?autoReconnect=true&useSSL=false
MARIADB_DATABASE=rundeck
MYSQL_DATABASE=rundeck
MARIADB_RANDOM_ROOT_PASSWORD=yes
MYSQL_RANDOM_ROOT_PASSWORD=yes
#MARIADB_MYSQL_LOCALHOST_USER=rundeck
#MARIADB_MYSQL_LOCALHOST_GRANTS=all
MARIADB_USER=rundeck
MARIADB_PASSWORD=$RANDOMPASSWORD
MYSQL_USER=rundeck
MYSQL_PASSWORD=$RANDOMPASSWORD
VSCODE_PASSWORD=$CODEPASSWORD
EOF

# set starter admin password - https://groups.google.com/g/rundeck-discuss/c/sya3vljcsco/m/_ZN71uJKAQAJ
(cat >realm.properties) <<EOF
#
# This file defines users passwords and roles for a HashUserRealm
#
# The format is
#  <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed.  The class
# org.mortbay.util.Password should be used to generate obfuscated
# passwords or password checksums
#
# This sets the temporary user accounts for the Rundeck app
#
admin:$ADMINPASSWORD,user,admin
user:user,user

#
# example users matching the example aclpolicy template roles
#
#project-admin:admin,user,project_admin
#job-runner:admin,user,job_runner
#job-writer:admin,user,job_writer
#job-reader:admin,user,job_reader
#job-viewer:admin,user,job_viewer
EOF

RANDOMPASSWORD="nothing here"

and I added this to the Dockerfile:

COPY --chown=rundeck:root realm.properties /home/rundeck/server/config

Perhaps it is just me fancying this, and I am sure there is a better way to implement it - but it worked, so...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions