From 278afb2d94edf89946483d4e5301bb3efc26f097 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?=
Date: Thu, 30 Dec 2021 03:32:12 +0100
Subject: Passwords through hiera.
---
 manifests/site.pp | 4 ++--
 modules/pass/lib/puppet/functions/pass.rb | 21 ---------------------
 modules/profiles/manifests/webdav_server.pp | 1 -
 3 files changed, 2 insertions(+), 24 deletions(-)
 delete mode 100644 modules/pass/lib/puppet/functions/pass.rb
diff --git a/manifests/site.pp b/manifests/site.pp
index e0ec321..ec2d588 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -168,8 +168,8 @@ node 'gandalf.adrift.space' {
 profiles::webdav_server { '/dav':
 file_path => '/var/www/webdav',
- users => [['hugo', pass('adrift.space/gandalf/dav/hugo')]],
- nginx_server => 'gandalf'
+ nginx_server => 'gandalf',
+ users => lookup('profiles::webdav_server::users'),
 }
 }
diff --git a/modules/pass/lib/puppet/functions/pass.rb b/modules/pass/lib/puppet/functions/pass.rb
deleted file mode 100644
index 176e7e9..0000000
--- a/modules/pass/lib/puppet/functions/pass.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-# require 'open3'
-
-Puppet::Functions.create_function(:pass) do
- dispatch :method do
- param 'String', :path
- optional_param 'String', :salt
- end
-
- def method(path, salt = path)
- # Salt was an attempt to not regenerate the entry every run.
- # This however failed, since the command is still run, and puppet
- # doesn't diff betwen runs
- # -salt #{salt}
- #
- # TODO fetch passwords in some slightly more portable way
- `openssl passwd -apr1 $(sudo -Hu hugo pass #{path})`
- # Open3.popen3("sudo -Hu hugo pass #{path}") do |stdin, stdout, stderr, thread|
- # stdout.read.chomp
- # end
- end
-end
diff --git a/modules/profiles/manifests/webdav_server.pp b/modules/profiles/manifests/webdav_server.pp
index 2cd54c1..bd2bc92 100644
--- a/modules/profiles/manifests/webdav_server.pp
+++ b/modules/profiles/manifests/webdav_server.pp
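Review bot: `users => lookup('profiles::webdav_server::users'),` in the `'/dav'` resource passes no value type, so a missing or mis-shaped Hiera entry only surfaces when the define indexes `$pair[0]` and `$pair[1]`; `users => lookup('profiles::webdav_server::users', Array[Tuple[String, String]]),` would fail the catalog compile with a clear error instead. The Hiera data is not part of this commit, so confirm the credential is stored encrypted (hiera-eyaml or similar) rather than as plain YAML next to the manifests, since an apr1 hash kept in a readable repository is exposed to offline guessing. The removed `pass()` call returned an `openssl passwd -apr1` hash, so the Hiera value presumably has to be that hash and not the cleartext password; a comment above the line, e.g. `# [user, apr1-hash] pairs, kept in encrypted Hiera data`, would record that. The `node 'gandalf.adrift.space'` block starts outside the hunk.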
@@ -46,7 +46,6 @@ define profiles::webdav_server ( # add entries to the htpasswd file through # $ echo "${user}:$(openssl passwd -apr1 $password)" >> .htpasswd - $users.each |$pair| { $user = $pair[0] $passwd = $pair[1] -- cgit v1.2.3