diff options
| author | Shane McDonald <me@shanemcd.com> | 2019-03-26 20:13:20 +0100 |
|---|---|---|
| committer | Shane McDonald <me@shanemcd.com> | 2019-03-26 20:13:28 +0100 |
| commit | 2b6cf971573185a46950c5a8fa3f9de14ede38ae (patch) | |
| tree | 7e252763da7551ef565b21dfc04460be29f545e4 /installer/roles/image_build | |
| parent | Remove “standalone Docker” installation path (diff) | |
| download | awx-2b6cf971573185a46950c5a8fa3f9de14ede38ae.tar.xz awx-2b6cf971573185a46950c5a8fa3f9de14ede38ae.zip | |
Do not set credentials via environment variables
Diffstat (limited to 'installer/roles/image_build')
| -rwxr-xr-x | installer/roles/image_build/files/launch_awx.sh | 5 | ||||
| -rwxr-xr-x | installer/roles/image_build/files/launch_awx_task.sh | 5 | ||||
| -rw-r--r-- | installer/roles/image_build/files/settings.py | 1 |
3 files changed, 10 insertions, 1 deletions
diff --git a/installer/roles/image_build/files/launch_awx.sh b/installer/roles/image_build/files/launch_awx.sh index a8198eed09..50ef773884 100755 --- a/installer/roles/image_build/files/launch_awx.sh +++ b/installer/roles/image_build/files/launch_awx.sh @@ -5,10 +5,15 @@ if [ `id -u` -ge 500 ]; then rm /tmp/passwd fi +source /etc/tower/conf.d/environment.sh + ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$DATABASE_HOST port=$DATABASE_PORT" all ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$MEMCACHED_HOST port=11211" all ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$RABBITMQ_HOST port=5672" all ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m postgresql_db --become-user $DATABASE_USER -a "name=$DATABASE_NAME owner=$DATABASE_USER login_user=$DATABASE_USER login_host=$DATABASE_HOST login_password=$DATABASE_PASSWORD port=$DATABASE_PORT" all awx-manage collectstatic --noinput --clear + +unset $(cut -d = -f -1 /etc/tower/conf.d/environment.sh) + supervisord -c /supervisor.conf diff --git a/installer/roles/image_build/files/launch_awx_task.sh b/installer/roles/image_build/files/launch_awx_task.sh index b672e76f0b..3165c33043 100755 --- a/installer/roles/image_build/files/launch_awx_task.sh +++ b/installer/roles/image_build/files/launch_awx_task.sh @@ -5,6 +5,8 @@ if [ `id -u` -ge 500 ]; then rm /tmp/passwd fi +source /etc/tower/conf.d/environment.sh + ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$DATABASE_HOST port=$DATABASE_PORT" all ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$MEMCACHED_HOST port=11211" all ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$RABBITMQ_HOST port=5672" all @@ -24,4 +26,7 @@ fi echo 'from django.conf import settings; x = settings.AWX_TASK_ENV; x["HOME"] = "/var/lib/awx"; settings.AWX_TASK_ENV = x' | awx-manage shell awx-manage provision_instance --hostname=$(hostname) awx-manage register_queue --queuename=tower --instance_percent=100 + +unset $(cut -d = -f -1 /etc/tower/conf.d/environment.sh) + supervisord -c /supervisor_task.conf diff --git a/installer/roles/image_build/files/settings.py b/installer/roles/image_build/files/settings.py index 527c884496..d2d2077d76 100644 --- a/installer/roles/image_build/files/settings.py +++ b/installer/roles/image_build/files/settings.py @@ -6,7 +6,6 @@ import os def get_secret(): if os.path.exists("/etc/tower/SECRET_KEY"): return open('/etc/tower/SECRET_KEY', 'rb').read().strip() - return os.getenv("SECRET_KEY", "privateawx") ADMINS = () |