use a secret admin password

author: Jesse Luehrs <doy@tozt.net> 2021-07-01 02:26:12 -0400
committer: Jesse Luehrs <doy@tozt.net> 2021-07-01 02:26:12 -0400
commit: 60ff55c1df78bdd392b6983cc41f722c10d1046c (patch)
tree: 7a080e9d49c6ba7e3f28aa2c33d375e958126db3 /modules/pihole
parent: 1d1921fe39e3fb10d67f926e583b028a43e4e034 (diff)
download: puppet-tozt-60ff55c1df78bdd392b6983cc41f722c10d1046c.tar.gz
puppet-tozt-60ff55c1df78bdd392b6983cc41f722c10d1046c.zip
2 files changed, 3 insertions, 1 deletions
diff --git a/modules/pihole/manifests/init.pp b/modules/pihole/manifests/init.pp
index aacbbd7..f568b3e 100644
--- a/modules/pihole/manifests/init.pp
+++ b/modules/pihole/manifests/init.pp
@@ -1,6 +1,8 @@
 class pihole($dir) {
   include podman
 
+  $webpassword = secret::value("pihole")
+
   file {
     $dir:
       ensure => directory;
diff --git a/modules/pihole/templates/pihole.service b/modules/pihole/templates/pihole.service
index bfcd3d9..f988cbf 100644
--- a/modules/pihole/templates/pihole.service
+++ b/modules/pihole/templates/pihole.service
@@ -3,7 +3,7 @@ Description=runs pihole
 After=network.target
 
 [Service]
-ExecStart=/usr/bin/podman run --rm --name pihole -p 53:53/tcp -p 53:53/udp -p 80:80 -e TZ=America/New_York -v "<%= @dir %>/etc-pihole/:/etc/pihole/" -v "<%= @dir %>/etc-dnsmasq.d/:/etc/dnsmasq.d/" -v "<%= @dir %>/var-log/pihole.log:/var/log/pihole.log" --dns 127.0.0.1 --dns 4.2.2.4 --hostname pi.hole -e VIRTUAL_HOST=pi.hole -e PROXY_LOCATION=pi.hole -e WEBPASSWORD=test -e ServerIP=127.0.0.1 docker.io/pihole/pihole:latest
+ExecStart=/usr/bin/podman run --rm --name pihole -p 53:53/tcp -p 53:53/udp -p 80:80 -e TZ=America/New_York -v "<%= @dir %>/etc-pihole/:/etc/pihole/" -v "<%= @dir %>/etc-dnsmasq.d/:/etc/dnsmasq.d/" -v "<%= @dir %>/var-log/pihole.log:/var/log/pihole.log" --dns 127.0.0.1 --dns 4.2.2.4 --hostname pi.hole -e VIRTUAL_HOST=pi.hole -e PROXY_LOCATION=pi.hole -e WEBPASSWORD=<%= @webpassword %> -e ServerIP=127.0.0.1 docker.io/pihole/pihole:latest
 ExecStop=/usr/bin/docker stop pihole
 Restart=always
author	Jesse Luehrs <doy@tozt.net>	2021-07-01 02:26:12 -0400
committer	Jesse Luehrs <doy@tozt.net>	2021-07-01 02:26:12 -0400
commit	60ff55c1df78bdd392b6983cc41f722c10d1046c (patch)
tree	7a080e9d49c6ba7e3f28aa2c33d375e958126db3 /modules/pihole
parent	1d1921fe39e3fb10d67f926e583b028a43e4e034 (diff)
download	puppet-tozt-60ff55c1df78bdd392b6983cc41f722c10d1046c.tar.gz puppet-tozt-60ff55c1df78bdd392b6983cc41f722c10d1046c.zip