novnc.yml aktualisiert

novnc.yml

@@ -73,7 +73,49 @@
             middlewares:
               auth-novnc:
                 basicauth:
-                  users: "admin:$apr1$XLxGs/Ba$3phZ1a2RtfExOp8x6NFjZ."
+                  usersFile: "/etc/traefik/providers.local/novnc.usersfile"
+                  removeHeader: true
+
+   - name: /home/docker/traefik.{{inventory_hostname}}/novnc-genpw.sh (generate Random PW for noVNC basic-auth)
+      blockinfile:
+        path: /home/docker/traefik.{{inventory_hostname}}/novnc-genpw.sh
+        create: yes
+        mode: 0550
+        owner: root
+        group: docker
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          cd /home/docker/traefik.{{inventory_hostname}}
+          user=admin
+          password=$(pwgen -s 32 1)
+          matrixadminpassword=$(pwgen -s 32 1)
+
+          [ -f novnc-env ] || echo "USER=!USER!
+          PASSWORD=!PASSWORD!
+          " >novnc-env
+         
+          chmod 440 novnc-env
+          chown root:docker novnc-env
+          sed -i "s/\!USER\!/$user/g" novnc-env
+          sed -i "s/\!PASSWORD\!/$password/g" novnc-env
+          
+          . novnc-env
+          echo $(htpasswd -nb $USER $PASSWORD) | sed -e s/\\$/\\$\\$/g >providers/novnc.usersfile
+
+        backup: yes
+        validate: /bin/bash -n %s
+
+    - name: /home/docker/matrix.{{inventory_hostname}}/novnc-genpw.sh shebang
+      lineinfile:
+        path: /home/docker/matrix.{{inventory_hostname}}/novnc-genpw.sh
+        insertbefore: BOF
+        line: "#!/bin/bash -e"
+
+    - name: Gen initial password if not exists
+      ansible.builtin.shell: ./novnc-genpw.sh
+      args:
+        chdir: /home/docker/traefik.{{inventory_hostname}}
+        creates: /home/docker/traefik.{{inventory_hostname}}/providers/novnc.usersfile
 
 
   handlers: