Add quotes to shell variables with user input

The last update of this file added default values for passwords
but removed the 'quote' filter.
This is extremely problematic for database passwords that should always
be complex and contain special characters that the shell may interpret
wrongly.
As a sanity measure, adding the quote filter to all fields.

1 files changed, 11 insertions, 11 deletions

diff --git a/installer/roles/local_docker/templates/environment.sh.j2 b/installer/roles/local_docker/templates/environment.sh.j2
index 7d78b8c96f..832f112d6d 100644
--- a/installer/roles/local_docker/templates/environment.sh.j2
+++ b/installer/roles/local_docker/templates/environment.sh.j2
@@ -1,12 +1,12 @@
-DATABASE_USER={{ pg_username }}
-DATABASE_NAME={{ pg_database }}
-DATABASE_HOST={{ pg_hostname|default('postgres') }}
-DATABASE_PORT={{ pg_port|default('5432') }}
-DATABASE_PASSWORD={{ pg_password|default('awxpass') }}
-DATABASE_ADMIN_PASSWORD={{ pg_admin_password|default('postgrespass') }}
+DATABASE_USER={{ pg_username|quote }}
+DATABASE_NAME={{ pg_database|quote }}
+DATABASE_HOST={{ pg_hostname|default('postgres')|quote }}
+DATABASE_PORT={{ pg_port|default('5432')|quote }}
+DATABASE_PASSWORD={{ pg_password|default('awxpass')|quote }}
+DATABASE_ADMIN_PASSWORD={{ pg_admin_password|default('postgrespass')|quote }}
 MEMCACHED_HOST={{ memcached_hostname|default('memcached') }}
-MEMCACHED_PORT={{ memcached_port|default('11211') }}
-RABBITMQ_HOST={{ rabbitmq_hostname|default('rabbitmq') }}
-RABBITMQ_PORT={{ rabbitmq_port|default('5672') }}
-AWX_ADMIN_USER={{ admin_user }}
-AWX_ADMIN_PASSWORD={{ admin_password | quote }}
+MEMCACHED_PORT={{ memcached_port|default('11211')|quote }}
+RABBITMQ_HOST={{ rabbitmq_hostname|default('rabbitmq')|quote }}
+RABBITMQ_PORT={{ rabbitmq_port|default('5672')|quote }}
+AWX_ADMIN_USER={{ admin_user|quote }}
+AWX_ADMIN_PASSWORD={{ admin_password|quote }}