From 07cd00b53851c089c0b825d88d108df2ed3dda2a Mon Sep 17 00:00:00 2001
From: Christian Elberfeld <elberfeld@web.de>
Date: Sun, 15 Oct 2017 04:09:47 +0200
Subject: [PATCH] mattermost api keys entfernt

---
 webserver/docker_gitlab/tasks/main.yml        |  4 -
 webserver/docker_matterbridge/tasks/main.yml  |  2 -
 .../templates/matterbridge.toml               | 81 +------------------
 webserver/docker_warpinfra/tasks/main.yml     |  4 +-
 .../docker_warpinfra/templates/config.ini     |  2 +-
 webserver/docker_warpinfratest/tasks/main.yml |  2 -
 .../docker_warpinfratest/templates/config.ini |  2 +-
 7 files changed, 6 insertions(+), 91 deletions(-)

diff --git a/webserver/docker_gitlab/tasks/main.yml b/webserver/docker_gitlab/tasks/main.yml
index bf177e75..b321d09b 100644
--- a/webserver/docker_gitlab/tasks/main.yml
+++ b/webserver/docker_gitlab/tasks/main.yml
@@ -11,16 +11,12 @@
   with_items:
     - /srv/shared/noreply_email_pass
     - /srv/ldap/secret/ldap_readonly_pass
-    - /srv/gitlab/secret/mattermost_api_id 
-    - /srv/gitlab/secret/mattermost_api_secret
   register: gitlab_secrets
 
 - name: get secrets from server 2
   set_fact: 
     noreply_email_pass: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     ldap_readonly_pass: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mattermost_api_id: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/gitlab/secret/mattermost_api_id') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
-    mattermost_api_secret: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/gitlab/secret/mattermost_api_secret') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
 
 
 # Benötigte Verzeichnisstrukturen erstellen 
diff --git a/webserver/docker_matterbridge/tasks/main.yml b/webserver/docker_matterbridge/tasks/main.yml
index 79596dfa..258c02a1 100644
--- a/webserver/docker_matterbridge/tasks/main.yml
+++ b/webserver/docker_matterbridge/tasks/main.yml
@@ -8,13 +8,11 @@
 - name: get secrets from server 1
   slurp: src={{ item }}
   with_items:
-    - /srv/matterbridge/secret/mattermost_hook
     - /srv/matterbridge/secret/telegram_token
   register: matterbridge_secrets
 
 - name: get secrets from server 2
   set_fact: 
-    mattermost_hook: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/mattermost_hook') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     telegram_token: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/telegram_token') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
 
 
diff --git a/webserver/docker_matterbridge/templates/matterbridge.toml b/webserver/docker_matterbridge/templates/matterbridge.toml
index cc24ea47..6ef062ab 100644
--- a/webserver/docker_matterbridge/templates/matterbridge.toml
+++ b/webserver/docker_matterbridge/templates/matterbridge.toml
@@ -63,81 +63,6 @@ ShowJoinPart=false
 
 
 
-###################################################################
-#mattermost section
-###################################################################
-[mattermost]
-#You can configure multiple servers "[mattermost.name]" or "[mattermost.name2]"
-#In this example we use [mattermost.work]
-#REQUIRED
-
-[mattermost.warpzone]
-#### Settings for webhook matterbridge.
-#### These settings will not be used when useAPI is enabled
-
-## In der Warpzone-Umgebung kann useAPI nicht verwendet werden, 
-## da matterbridge kein Login über LDAP kennt.
-## Die Anbindung erfolgt daher über WebHooks, die entsprechend im Mattermost 
-## eingerichtet werden müssen.
-
-#Url is your incoming webhook url as specified in mattermost. 
-#See account settings - integrations - incoming webhooks on mattermost.
-
-## Die URL wird im Mattermost von einem Admin erzeugt und 
-## hier hinterlegt.
-## Die URL muss von dem matterbridge Prozess erreichbar sein.
-
-#REQUIRED (unless useAPI=true)
-URL="{{ mattermost_hook }}"
-
-#Address to listen on for outgoing webhook requests from mattermost.
-#See account settings - integrations - outgoing webhooks on mattermost.
-
-## Da dieser Prozess in einem Docker Container läuft wird als Bind-Adresse 0.0.0.0
-## verwendet, der Port wird später über Docker nach außen geleitet.
-## Dieser Port muss von dem Mattermost Server aus erreichbar sein.
-## Dort muss ein ausgehender Webhook mit dem Content-Type "application/x-www-form-urlencoded"
-## eingerichtet werden, der die URL http://172.17.0.1:9999 anspricht.
-## Die IP 172.17.0.1 ist die Server-IP des Docker Netzwerkes.
-## Dadurch ist der Port nur von den Docker-Prozessen auf diesem Host erreichbar.
-
-#REQUIRED (unless useAPI=true)
-BindAddress="0.0.0.0:9999"
-
-#Icon that will be showed in mattermost. 
-#OPTIONAL
-#IconURL="http://youricon.png"
-
-#Enable to not verify the certificate on your mattermost server. 
-#e.g. when using selfsigned certificates
-#OPTIONAL (default false)
-SkipTLSVerify=true
-
-#how to format the list of IRC nicks when displayed in mattermost. 
-#Possible options are "table" and "plain"
-#OPTIONAL (default plain)
-NickFormatter="plain"
-#How many nicks to list per row for formatters that support this. 
-#OPTIONAL (default 4)
-NicksPerRow=4
-
-#Whether to prefix messages from other bridges to mattermost with the sender's nick. 
-#Useful if username overrides for incoming webhooks isn't enabled on the 
-#mattermost server. If you set PrefixMessagesWithNick to true, each message 
-#from bridge to Mattermost will by default be prefixed by "bridge-" + nick. You can, 
-#however, modify how the messages appear, by setting (and modifying) RemoteNickFormat 
-#OPTIONAL (default false)
-PrefixMessagesWithNick=false
-
-#Nicks you want to ignore. 
-#Messages from those users will not be sent to other bridges.
-#OPTIONAL
-#IgnoreNicks="ircspammer1 ircspammer2"
-
-#Enable to show users joins/parts from other bridges (only from irc-bridge at the moment)
-#OPTIONAL (default false)
-ShowJoinPart=false
-
 
 ###################################################################
 #telegram section
@@ -232,10 +157,10 @@ enable=true
     account="irc.freenode"
     channel="#warpzone"
 
-    [[gateway.inout]]
+    #[[gateway.inout]]
     ## Raum Town-Squre auf dem Warpzone Mattermost Server 
-    account="mattermost.warpzone"
-    channel="town-square"
+    #account="mattermost.warpzone"
+    #channel="town-square"
 
     #[[gateway.inout]]
     ## Telegramm Gruppe @warpzone
diff --git a/webserver/docker_warpinfra/tasks/main.yml b/webserver/docker_warpinfra/tasks/main.yml
index 36213619..ac78600c 100644
--- a/webserver/docker_warpinfra/tasks/main.yml
+++ b/webserver/docker_warpinfra/tasks/main.yml
@@ -11,7 +11,6 @@
     - /srv/shared/noreply_email_pass
     - /srv/ldap/secret/ldap_admin_pass
     - /srv/ldap/secret/ldap_readonly_pass
-    - /srv/warpinfra/secret/mattermost_api_key
     - /srv/warpinfra/secret/web_secret_key
     - /srv/warpinfra/secret/mysql_root_pw
     - /srv/warpinfra/secret/mysql_user_pw
@@ -22,7 +21,6 @@
     noreply_email_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     ldap_admin_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     ldap_readonly_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mattermost_api_key: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mattermost_api_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     web_secret_key: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     mysql_root_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     mysql_user_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
@@ -73,7 +71,7 @@
     src: "docker-compose.yml" 
     dest: "/srv/warpinfra/docker-compose.yml"
         
-- name: start warpinfratest docker
+- name: start warpinfra docker
   docker_service:
     project_src: /srv/warpinfra/
     state: present
diff --git a/webserver/docker_warpinfra/templates/config.ini b/webserver/docker_warpinfra/templates/config.ini
index a68e2a3c..71b2167f 100644
--- a/webserver/docker_warpinfra/templates/config.ini
+++ b/webserver/docker_warpinfra/templates/config.ini
@@ -16,7 +16,7 @@ PW_RESET_TOKEN_LIFETIME = 5
 ALLOWED_HOSTS = infra.warpzone.ms
 
 [mattermost]
-API_KEY = {{mattermost_api_key}}
+API_KEY = none
 
 [mysql]
 MYSQL_HOST = db
diff --git a/webserver/docker_warpinfratest/tasks/main.yml b/webserver/docker_warpinfratest/tasks/main.yml
index bf90b500..d6c77f64 100644
--- a/webserver/docker_warpinfratest/tasks/main.yml
+++ b/webserver/docker_warpinfratest/tasks/main.yml
@@ -11,7 +11,6 @@
     - /srv/shared/noreply_email_pass
     - /srv/ldap/secret/ldap_admin_pass
     - /srv/ldap/secret/ldap_readonly_pass
-    - /srv/warpinfratest/secret/mattermost_api_key
     - /srv/warpinfratest/secret/web_secret_key
     - /srv/warpinfratest/secret/mysql_root_pw
     - /srv/warpinfratest/secret/mysql_user_pw
@@ -22,7 +21,6 @@
     noreply_email_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     ldap_admin_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     ldap_readonly_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mattermost_api_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mattermost_api_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     web_secret_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     mysql_root_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
     mysql_user_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
diff --git a/webserver/docker_warpinfratest/templates/config.ini b/webserver/docker_warpinfratest/templates/config.ini
index 9b83d651..b1d150cb 100644
--- a/webserver/docker_warpinfratest/templates/config.ini
+++ b/webserver/docker_warpinfratest/templates/config.ini
@@ -16,7 +16,7 @@ PW_RESET_TOKEN_LIFETIME = 5
 ALLOWED_HOSTS = infra.warpzone.ms
 
 [mattermost]
-API_KEY = {{mattermost_api_key}}
+API_KEY = none
 
 [mysql]
 MYSQL_HOST = db
-- 
GitLab