From 2f7f5f924ac49071a2044792298605f1dc2a283c Mon Sep 17 00:00:00 2001 From: Grzegorz Koper Date: Wed, 14 Aug 2024 20:34:23 +0200 Subject: [PATCH] Fixing wazuh password generation. Defining set of special characters to omit "`" and "'" which leads to issues More description: https://github.com/stackhpc/stackhpc-kayobe-config/issues/1226 --- etc/kayobe/ansible/templates/wazuh-secrets.yml.j2 | 2 +- etc/kayobe/ansible/wazuh-secrets.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/etc/kayobe/ansible/templates/wazuh-secrets.yml.j2 b/etc/kayobe/ansible/templates/wazuh-secrets.yml.j2 index 887cc6b44..583c1efa4 100644 --- a/etc/kayobe/ansible/templates/wazuh-secrets.yml.j2 +++ b/etc/kayobe/ansible/templates/wazuh-secrets.yml.j2 @@ -7,7 +7,7 @@ secrets_wazuh: # Strengthen default wazuh api user pass wazuh_api_users: - username: "wazuh" - password: "{{ secrets_wazuh.wazuh_api_users[0].password | default(lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1, length=30)) }}" + password: "{{ secrets_wazuh.wazuh_api_users[0].password | default(lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1, length=30, override_special=override_special_characters)) }}" # OpenSearch 'admin' user pass opendistro_admin_password: "{{ secrets_wazuh.opendistro_admin_password | default(lookup('password', '/dev/null'), true) }}" # OpenSearch 'kibanaserver' user pass diff --git a/etc/kayobe/ansible/wazuh-secrets.yml b/etc/kayobe/ansible/wazuh-secrets.yml index a1b725aba..16b0a09f7 100644 --- a/etc/kayobe/ansible/wazuh-secrets.yml +++ b/etc/kayobe/ansible/wazuh-secrets.yml @@ -3,6 +3,7 @@ gather_facts: false vars: wazuh_secrets_path: "{{ kayobe_env_config_path }}/wazuh-secrets.yml" + override_special_characters: '"#$%&()*+,-./:;<=>?@[\]^_{|}~' tasks: - name: install passlib[bcrypt] pip: