add missing password and add warning to demo
This commit is contained in:
parent
5086cc7267
commit
2373d054c2
2 changed files with 8 additions and 23 deletions
|
@ -1,5 +1,8 @@
|
||||||
# Home Assistant Demo
|
# Home Assistant Demo
|
||||||
|
|
||||||
|
**This whole demo is highly insecure as all the private keys are available publicly. This is
|
||||||
|
only done for convenience as it is just a demo. Do not expose the VM to the internet.**
|
||||||
|
|
||||||
The [`flake.nix`](./flake.nix) file sets up Home Assistant server that uses a LDAP server to
|
The [`flake.nix`](./flake.nix) file sets up Home Assistant server that uses a LDAP server to
|
||||||
setup users in only about [15 lines](./flake.nix#L29-L45) of related code.
|
setup users in only about [15 lines](./flake.nix#L29-L45) of related code.
|
||||||
|
|
||||||
|
@ -70,7 +73,7 @@ $ cat /etc/hosts
|
||||||
|
|
||||||
Go to [http://ldap.example.com:8080](http://ldap.example.com:8080) and login with:
|
Go to [http://ldap.example.com:8080](http://ldap.example.com:8080) and login with:
|
||||||
- username: `admin`
|
- username: `admin`
|
||||||
- password: the value of the field `lldap.user_password` in the `secrets.yaml` file which is.
|
- password: the value of the field `lldap.user_password` in the `secrets.yaml` file which is `fccb94f0f64bddfe299c81410096499a`.
|
||||||
|
|
||||||
Create the group `homeassistant_user` and a user assigned to that group.
|
Create the group `homeassistant_user` and a user assigned to that group.
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
home-assistant: ENC[AES256_GCM,data:WspkheMuZIF+UWf74XAZx4zpDJHeBb5zG4lGDrSS7sGcG1LrjZOUym1SKlOJEvJhjDVXaaY3AnwX/7ALo0m3gpS0zqkdF5QSWYLMXOoiKWi9H04eI3+WsLlZ8V42oBZGa9spsqAV7ISuiXi6Y6+vp81p5Q==,iv:BGUg9GBEyzukk+s7jIMt42Y3GLxmRKU++CPu3XV9WVc=,tag:JBMdqLpnXVC+XHYS57rVSw==,type:str]
|
home-assistant: ENC[AES256_GCM,data:P5EYiIJ6Kz45LkPo+5mRkhuJ20K/Y7Lp8EGzfWL4ShNI50YBzZKZXNhZNTvrNSIfYS61Ls0qjlaRVgzZ11igsB7ZQQohSnuI+OXL2WfITMwvE3vTsnYxxG9BvMqRdBFIGvc81HhZDB43DT/s6SprBe/7PQ==,iv:dJ7FUkquMI4g4K2Nnv3kFFQk/va2QgwfgGoWif5f2tU=,tag:cykqmJJRWXJ47kGnPkNdBw==,type:str]
|
||||||
lldap:
|
lldap:
|
||||||
user_password: ENC[AES256_GCM,data:Mcbh0ZrcnmR8FuT97OdoS2vAHzGdOrEOTlNKaoLa9hk=,iv:RS7VS+9tsSknn9SwpfyYVi41m3lN4SkZ4CSwrzH/Eso=,tag:sGzhdhEDt0quZwgi+4QDfw==,type:str]
|
user_password: ENC[AES256_GCM,data:Mcbh0ZrcnmR8FuT97OdoS2vAHzGdOrEOTlNKaoLa9hk=,iv:RS7VS+9tsSknn9SwpfyYVi41m3lN4SkZ4CSwrzH/Eso=,tag:sGzhdhEDt0quZwgi+4QDfw==,type:str]
|
||||||
jwt_secret: ENC[AES256_GCM,data:a2CG5iGvVf7jz/JVP1RBDww+joT1TbJkXgsAyD1I00VTQZhkX04mb6wwDfFkATnhBn7GkP++nz+1YBirVWQV3wFfZ3ZufHwS+lQ0VTO6dcjLuTjuLnqprNjp/1cMQeu3vYADA3R7fuqEo/g3QUJzJJeGI48he5c/Cff0hQYgBRU=,iv:rHlRt6nWMz8rVmU0aKH6VWWVXunOfJcDvZOxgWbK1FI=,tag:Os6U0AvkkROuXWC7y6JMaw==,type:str]
|
jwt_secret: ENC[AES256_GCM,data:a2CG5iGvVf7jz/JVP1RBDww+joT1TbJkXgsAyD1I00VTQZhkX04mb6wwDfFkATnhBn7GkP++nz+1YBirVWQV3wFfZ3ZufHwS+lQ0VTO6dcjLuTjuLnqprNjp/1cMQeu3vYADA3R7fuqEo/g3QUJzJJeGI48he5c/Cff0hQYgBRU=,iv:rHlRt6nWMz8rVmU0aKH6VWWVXunOfJcDvZOxgWbK1FI=,tag:Os6U0AvkkROuXWC7y6JMaw==,type:str]
|
||||||
|
@ -17,26 +17,8 @@ sops:
|
||||||
V3VueVVyWW9SMHB1L2VzVGJQQUNkVWMKd7TymvawidPiW417fbC88NojEhfux/dp
|
V3VueVVyWW9SMHB1L2VzVGJQQUNkVWMKd7TymvawidPiW417fbC88NojEhfux/dp
|
||||||
Op2cayvqIt2LI2yG+8u2fPbLsdwwg2ybxccIBqTldIbcELAsBruQkw==
|
Op2cayvqIt2LI2yG+8u2fPbLsdwwg2ybxccIBqTldIbcELAsBruQkw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age18jrfv0ndtrad7ee4dzdfhhuca4wuce059txltdaxuxcnjkc37s5qj9mapm
|
lastmodified: "2023-11-20T08:14:08Z"
|
||||||
enc: |
|
mac: ENC[AES256_GCM,data:1POnLEqucCUC/5fMBuUXF358fUl6bbZr8oHja6XGUVLU17G1T14yqXUJqlooW0wHt/RoF0RB1k+Fwtgn/NSYS83khscYzPZOiqncbI9/YOnUYTai7E0YH3GPF1t+DZIk2LzP8NQc8Xoo3da59boFPU7NU7NpQb5k4q9wJDiCAO0=,iv:tD7TD9wi80yYJhXxFxAlfDiv0Z+sCPKRQKN6wEKJTH8=,tag:qiqJ/wcNQNIXGAdlDH3Isg==,type:str]
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucFViZUJ6eWhOd3dNUDEw
|
|
||||||
RmtZK05aUE5pemFEendTQkgwZHFaUHh5akhZCnpFeVRIMlNrcWNFYUpJeGI3dXZG
|
|
||||||
bWFObU12Y2FBS3lTcmZmZmNEMjY4YlEKLS0tIDZzN2xQcytlVUc3UVFkcTYxNks2
|
|
||||||
OVMrQXJCQ05vcHhnb2NkaDFJSVd5ZFEK7kztu81Q0513qsbfoh8OO4HOkJQyXRvY
|
|
||||||
zEt70F5F7zxckbFHNIwSujt34+XY9Etl2CnoIVKa54KslyGqTuzECQ==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1sk9w5g0xnszvhpdj3w72pw6fe3d7znxmmh29c8dqvzxqv0lwtpxqj69fxc
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeFNuNVF3bU9NOHJONnRo
|
|
||||||
WUowOWQ1Rjl5OC9GV2hNZXlEZ0JMTUNvUWhVCnFDa3RVelNZTWg4aktkSGMxOTh0
|
|
||||||
aVlIQWJ2Y0czam01a2xQUDhyMG1ZVGMKLS0tIFdaZExoUEdMa3l3L1lXS1pDSkRB
|
|
||||||
QzluL1V5dXJ1L0ExdTlwam5JSjBCSUEKtjTJiBDg+t6EUkQQhDFybPmZV3SJrYxt
|
|
||||||
QGbE+S0AcckxHa+jDpBFm8hBroJ6Gxk9dPkZxfEeltyQgqMjOfVKcQ==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2023-11-18T17:58:16Z"
|
|
||||||
mac: ENC[AES256_GCM,data:6STySfiWarnv+CHAY4AbxJBfHVwfafPcAxnt3Miy+XrJYd0TAMCv3XUojEZzMc55XOnihnErQvdGsGUwDU3Rb3b7G6xvXi+MYcSL5/sxCp+NHXZ+uzxEm/X6pNk6k584vKnZo2a/O4VyC9Uz6jbFmJiFNct9zLIc+/XvS4RO2ps=,iv:7ZNywMCVxh4MaZJAT1wN5joNp4LbbaY582bnQH8sHFI=,tag:0S/ngGQK/jp7LHP6sUhiVg==,type:str]
|
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
Loading…
Reference in a new issue