My notes on editing the secret.yml config file based on the instruction here: https://www.mediawiki.org/wiki/Meza/Setup_SAML_authentication plus advice from James.
- Step 1: Set secret config
- run
#tr -c -d '0-9a-zA-Z' </dev/urandom | dd bs=32 count=1 2>/dev/null;echo
and paste the 32 character output to a scratch pad (notepad or whatever) as the salt code to be used below when needed - run
#tr -c -d '0-9a-zA-Z' </dev/urandom | dd bs=16 count=1 2>/dev/null;echo
and paste the 16 character output to a scratch pad (notepad or whatever) as the adminpassword to be used below when needed - discovered that
/opt/conf-meza/monolith/secret.yml
is encrypted, so the solution is provided to me as: - run
meza_env=monolith
to set the variablemeza_env
tomonolith
(my environment) - then run
sudo ansible-vault edit "/opt/conf-meza/secret/$meza_env/secret.yml" --vault-password-file "/opt/conf-meza/users/meza-ansible/.vault-pass-$meza_env.txt"
which will de-crypt the filesecret.yml
automatically launching it in readable text in the infamous "vi" editor. - Now to edit using the vi editor (vi notes)
- down arrow to the last character of the end of the and type
a
which will put you in "insert" mode and allow you to add new lines. - copy the text from the SAML link above into the secret.yml file at the end (
control-c
to copy it from notepad andright-click
to past it into "vi") - cursor up to the line that reads:
salt: <output of command from above>
and replace the<output of command from above>
with the salt code created above in step 1.1 - cursor down to the line that reads:
adminpassword: <your strong password>
and replace<your strong password>
with the adminpassword created in step 1.2 above - Type
:wq
to save and exit vi - exiting vi from the ansible-vault edit command automatically re-encrypts the file
- you should now be back at the system cli
- down arrow to the last character of the end of the and type
- run
- Step 2: Set public config
- ...