FEATURE/MEDIUM: userList: generate random secure password

This change previously hard coded password usage and instead use generated password.
So, on every start up a random password is generated and saved to HAProxy conf.

go.sum

@@ -8,6 +8,8 @@ github.com/Azure/go-autorest v10.15.3+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxS
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/DataDog/datadog-go v2.2.0+incompatible h1:V5BKkxACZLjzHjSgBbr2gvLA2Ae49yhc6CSY7MLy5k4=
 github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
+github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962 h1:KeNholpO2xKjgaaSyd+DyQRrsQjhbSeS7qe4nEw8aQw=
+github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962/go.mod h1:kC29dT1vFpj7py2OvG1khBdQpo3kInWP+6QipLbdngo=
 github.com/Microsoft/go-winio v0.4.3 h1:M3NHMuPgMSUPdE5epwNUHlRPSVzHs8HpRTrVXhR0myo=
 github.com/Microsoft/go-winio v0.4.3/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
 github.com/NYTimes/gziphandler v1.0.1 h1:iLrQrdwjDd52kHDA5op2UBJFjmOb9g+7scBan4RN8F0=

haproxy/config.go

@@ -1,6 +1,8 @@
 package haproxy
 
 import (
+	"crypto/rand"
+	"encoding/base64"
 	"io/ioutil"
 	"os"
 	"path"
@@ -14,9 +16,10 @@ import (
 
 const (
 	dataplaneUser = "haproxy"
-	dataplanePass = "pass"
 )
 
+var dataplanePass string
+
 var baseCfgTmpl = `
 global
 	master-worker
@@ -105,6 +108,8 @@ func newHaConfig(baseDir string, sd *lib.Shutdown) (*haConfig, error) {
 	}
 	defer cfgFile.Close()
 
+	dataplanePass = createRandomString()
+
 	err = tmpl.Execute(cfgFile, baseParams{
 		NbThread:      runtime.GOMAXPROCS(0),
 		SocketPath:    cfg.StatsSock,
@@ -131,3 +136,9 @@ func newHaConfig(baseDir string, sd *lib.Shutdown) (*haConfig, error) {
 
 	return cfg, nil
 }
+
+func createRandomString() string {
+	randBytes := make([]byte, 32)
+	_, _ = rand.Read(randBytes)
+	return base64.URLEncoding.EncodeToString(randBytes)
+}