Merge pull request 'update ldap and postgresql password' (#2) from gnunux/dataset:issue/update_password into main

Reviewed-on: https://cloud.silique.fr/gitea/risotto/dataset/pulls/2

seed/applicationservice/2022.03.08/openldap-server/dictionaries/21_openldap-server.xml

@@ -8,6 +8,7 @@
       <file owner="ldap" mode="400">/etc/pki/tls/private/openldap.key</file>
       <file owner="ldap">/var/lib/ldap/DB_CONFIG</file>
       <file>/secrets/users.ldif</file>
+      <file>/secrets/users_mod.ldif</file>
       <file>/secrets/config.ldif</file>
       <file>/secrets/config_acl.ldif</file>
       <file>/secrets/admin_ldap.pwd</file>

seed/applicationservice/2022.03.08/openldap-server/templates/slapd.service

@@ -13,3 +13,4 @@ ExecStart=+/usr/sbin/slapd -u ldap -h ldaps:///
 #waiting for ldap server...
 ExecStartPost=/usr/bin/timeout 90 sh -c 'while ! 3<> /dev/tcp/localhost/%%ldap_port; do sleep 1; done'
 ExecStartPost=-/usr/bin/ldapmodify -D %%ldap_admin_dn -y /usr/local/lib/secrets/admin_ldap.pwd -v -f /usr/local/lib/secrets/config_acl.ldif
+ExecStartPost=-/usr/bin/ldapmodify -D %%ldap_admin_dn -y /usr/local/lib/secrets/admin_ldap.pwd -v -f /usr/local/lib/secrets/users_mod.ldif

seed/applicationservice/2022.03.08/openldap-server/templates/users_mod.ldif

@@ -0,0 +1,9 @@
+# Remote
+%for %%remote in %%accounts.remotes
+ %set %%name = %%normalize_family(%%remote)
+dn: %%accounts['remote_' + %%name]['dn_' + %%name]
+changetype: modify
+replace: userPassword
+userPassword:: %%ssha_encode(%%accounts['remote_' + %%name]['password_' + %%name])
+
+%end for

seed/applicationservice/2022.03.08/postgresql-server/templates/postgresql.sql

@@ -2,5 +2,6 @@
  %set %%name = %%normalize_family(%%server)
 CREATE DATABASE "%%name";
 CREATE ROLE "%%name" WITH LOGIN ENCRYPTED PASSWORD '%%accounts["remote_" + %%name]["password_" + %%name]';
+ALTER USER "%%name" PASSWORD '%%accounts["remote_" + %%name]["password_" + %%name]';
 GRANT ALL PRIVILEGES ON DATABASE "%%name" TO "%%name";
 %end for