Replace deprecated clear text password with hash #389
Conversation
Hooverdan96
added
the
needs review
Hooverdan96
force-pushed
the
388_update_wgeasy
branch
from
c7de607 to
b7b58bf
Compare
|
Here are some testing screenshots for setup and config. One thing I noticed is that the share mapped representation is incorrect in the summary page during configuration, they're swapped, all other parameters are in the column where they're supposed to be. This might require another small addition to what @phillxnet has already done recently. I am not showing how I got the password hash, it's pretty self-explanatory on the link provided in the Rockon description.
If a previous instance was installed, the settings/keys will just show up and can continue to be used as before. |
|
@Hooverdan96 Just a quick note on:
In a recent comment on related improvements in this area: rockstor/rockstor-core#2887 (comment) |
There was a problem hiding this comment.
@Hooverdan96 Thanks again for your continued efforts in maintaining this Rock-on. As always much appreciated.
Re:
I am not showing how I got the password hash, it's pretty self-explanatory on the link provided in the Rockon description.
I've only done a cursory pre-merge test here, to ensure the resulting Rock-on repo appears sane still. This looks to be the case. But I see a couple of minor link issues:
- The above indicated link gives a 404 (likely stuff has moved in the interim in the associated repo): https://github.com/wg-easy/wg-easy/blob/master/How_to_generate_an_bcrypt_hash.md%20target=
- The GitHub repo link in the description has bugs:
-
- Shows in text as: https://github.com/wg-easy/wg-easy/pkgs/container/wg-easy
-
- Resolves to the local host thus: https://rleap15-6.lan/ghcr.io/wg-easy/wg-easy
for a https://rleap15-6.lan instance.
- Resolves to the local host thus: https://rleap15-6.lan/ghcr.io/wg-easy/wg-easy
Am I doing it wrong :).
|
Of course, you're not doing it wrong! I don't know what's happening. When I put my final html string into a validator, the links worked just fine. Of course I trusted that, and didn't retry this on a sample implementation. I'll address it. |
Hooverdan96
force-pushed
the
388_update_wgeasy
branch
from
b7b58bf to
e7376bf
Compare
Replace deprecated clear text password with hash - adjust WG-Easy Image File - replace password parameter with password hash parameter - update description with instructions for hash. Adjust URL links. - fix indentation formatting (tab to space)
|
I also created new issue #2904 in the rockstor-core repo. |
|
@Hooverdan96 Appologies for the ages in getting back around to this PR:
Now works for me post your fix; and:
I now get:
Where:
So following on from my last review and you having already proven the actual function re install etc, I'll merge and get this out to PRODUCTION. Again my apologies here on the delay revisiting this Rock-on maintenance PR. And thanks again for all your efforts here and essentially everywhere else in the project. As always much appreciated. |
|
PR product PRODUCTION published. |
Hooverdan96
removed
the
needs review
Fixes #388 .
General information on project
Information on docker image
same author, however, the developer is recommending to use the image on Github instead of Docker hub:
ghcr.io/wg-easy/wg-easy
Changes made to update Rockon definition:
Checklist
root.jsonin alphabetical order (for new rock-on only)"description"object lists and links to the docker image used"description"object provides information on the image's particularities (advantage over another existing rock-on for the same project, for instance)"website"object links to project's main websiteTesting
I have installed it using the same parameters as before, with the exception of the password now being entered as a hash value. Works well for me, connectivity from outside the network operates just as before it broke. The admin WebUI is accessible with the underlying password, so that transition works as well.