diff --git a/resources/bin/rb_configure_leader.sh b/resources/bin/rb_configure_leader.sh index 1bb5f21..e5c9e9e 100755 --- a/resources/bin/rb_configure_leader.sh +++ b/resources/bin/rb_configure_leader.sh @@ -122,13 +122,14 @@ function configure_dataBags(){ HASH_FUNCTION="SHA256" ## Data bags ## + mkdir -p /var/chef/data/data_bag_encrypted/passwords/ mkdir -p /var/chef/data/data_bag/passwords/ mkdir -p /var/chef/data/data_bag/rBglobal/ mkdir -p /var/chef/data/data_bag/certs/ mkdir -p /var/chef/data/data_bag/backend/ ## DB opscode (chef) passwords - cat > /var/chef/data/data_bag/passwords/db_opscode_chef.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/db_opscode_chef.json <<-_RBEOF_ { "id": "db_opscode_chef", "username": "opscode_chef", @@ -188,7 +189,6 @@ _RBEOF_ } _RBEOF_ - mkdir -p /var/chef/data/data_bag_encrypted/passwords/ cat > /var/chef/data/data_bag_encrypted/passwords/vrrp.json <<-_RBEOF_ { "id": "vrrp", @@ -199,7 +199,7 @@ _RBEOF_ _RBEOF_ # DB druid passwords - cat > /var/chef/data/data_bag/passwords/db_druid.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/db_druid.json <<-_RBEOF_ { "id": "db_druid", "username": "druid", @@ -211,7 +211,7 @@ _RBEOF_ _RBEOF_ # DB redborder passwords - cat > /var/chef/data/data_bag/passwords/db_redborder.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/db_redborder.json <<-_RBEOF_ { "id": "db_redborder", "username": "redborder", @@ -223,7 +223,7 @@ _RBEOF_ _RBEOF_ # DB radius passwords - cat > /var/chef/data/data_bag/passwords/db_radius.json <<- _RBEOF2_ + cat > /var/chef/data/data_bag_encrypted/passwords/db_radius.json <<- _RBEOF2_ { "id": "db_radius", "username": "radius", @@ -235,7 +235,7 @@ _RBEOF_ _RBEOF2_ # Vault passwords - cat > /var/chef/data/data_bag/passwords/vault.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/vault.json <<-_RBEOF_ { "id": "vault", "hash_key": "$HASH_KEY", @@ -276,7 +276,7 @@ _RBEOF_ #webui secret token WEBISECRET="`< /dev/urandom tr -dc A-Za-z0-9 | head -c128 | sed 's/ //g'`" - cat > /var/chef/data/data_bag/passwords/webui_secret.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/webui_secret.json <<-_RBEOF_ { "id": "webui_secret", "secret": "$WEBISECRET" @@ -285,7 +285,7 @@ _RBEOF_ #redis password token REDIS_SECRET="`< /dev/urandom tr -dc A-Za-z0-9 | head -c128 | sed 's/ //g'`" - cat > /var/chef/data/data_bag/passwords/redis.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/redis.json <<-_RBEOF_ { "id": "redis", "pass": "$REDIS_SECRET" @@ -295,7 +295,7 @@ _RBEOF_ #airflow password token AIRFLOW_USER="airflow" AIRFLOW_SECRET="`< /dev/urandom tr -dc A-Za-z0-9 | head -c32 | sed 's/ //g'`" - cat > /var/chef/data/data_bag/passwords/db_airflow.json <<-_RBEOF_ + cat > /var/chef/data/data_bag_encrypted/passwords/db_airflow.json <<-_RBEOF_ { "id": "db_airflow", "user": "$AIRFLOW_USER", diff --git a/resources/bin/rb_create_rsa.sh b/resources/bin/rb_create_rsa.sh index 2a2ef9f..c728249 100755 --- a/resources/bin/rb_create_rsa.sh +++ b/resources/bin/rb_create_rsa.sh @@ -41,11 +41,11 @@ if [ "x$OVR" == "xy" -o "x$OVR" == "xY" ]; then \"public_rsa\": \"`cat /var/www/rb-rails/config/rsa.pub`\" }" > $JSON - knife data bag from file passwords $JSON + knife data bag from file rBglobal $JSON rm -f $JSON echo "Checking NEW ssh rsa databag: " - knife data bag show passwords ssh + knife data bag show rBglobal ssh if [ $? -eq 0 ]; then UPLOAD=1 fi