💻
How to install openedx
  • Introduction
  • Installation methods
  • Repositories
    • edx
    • edx-platform
    • configuration
  • Preparing deployment node
    • Control Node
    • Creating folder structures
    • Docker
  • Installing OpenEDX
    • Preparing remote server
    • Hosts
    • edx-configs
      • configs.yml
      • secrets.yml
    • configuration
    • Install OpenEDX
    • Enabling SSL
Powered by GitBook
On this page
  • ENCRYPT SECRETS FILE
  • DECRYPT SECRETS FILE

Was this helpful?

  1. Installing OpenEDX
  2. edx-configs

secrets.yml

Make sure you generate strong passwords for the variables. Recommended to use tools like pwgen

pwgen -s 32 -n 24

Important Don't upload this file as plain text to your Github repository. First encrypt the file and after that upload it to the repository

# Secrets
SECRET_MYSQL_ROOT_PASSWORD: "SET-ME"
SECRET_COMMON_HTPASSWD_PASS: "SET-ME"
SECRET_COMMON_MONGO_READ_ONLY_PASS: "SET-ME"
SECRET_COMMON_MYSQL_ADMIN_PASS: "SET-ME"
SECRET_COMMON_MYSQL_MIGRATE_PASS: "SET-ME"
SECRET_COMMON_MYSQL_READ_ONLY_PASS: "SET-ME"
SECRET_EDXAPP_CELERY_PASSWORD: "SET-ME"
SECRET_EDXAPP_COMMENTS_SERVICE_KEY: "SET-ME"
SECRET_EDXAPP_MYSQL_CSMH_PASSWORD: "SET-ME"
SECRET_EDXAPP_MYSQL_PASSWORD: "SET-ME"
SECRET_EDXAPP_MYSQL_PASSWORD_ADMIN: "SET-ME"
SECRET_EDXAPP_MYSQL_PASSWORD_READ_ONLY: "SET-ME"
SECRET_FORUM_API_KEY: "SET-ME"
SECRET_MARIADB_CLUSTER_PASSWORD_ADMIN: "SET-ME"
SECRET_MONGO_ADMIN_PASSWORD: "SET-ME"
SECRET_XQUEUE_BASIC_AUTH_PASSWORD: "SET-ME"
SECRET_XQUEUE_BASIC_AUTH_USER: "SET-ME"
SECRET_XQUEUE_MYSQL_PASSWORD: "SET-ME"
SECRET_XQUEUE_RABBITMQ_PASS: "SET-ME"
SECRET_RABBIT_ADMIN_PASSWORD: "SET-ME"
SECRET_EDXAPP_EDXAPP_SECRET_KEY: "SET-ME" 
SECRET_EDXAPP_MONGO_PASSWORD: "SET-ME"
SECRET_FORUM_MONGO_PASSWORD: "SET-ME"
SECRET_EDXAPP_AWS_SECRET_ACCESS_KEY: "SET-ME"

Before uploading this file to GitHub or other repos make sure you encrypt it, you can follow these steps to encrypt the secrets.yml

After running the following command the prompt will ask you for a password, make sure you save this password, so you can use it in the future to decrypt the file.

ENCRYPT SECRETS FILE

in the deployer folder, run following command
ansible-vault encrypt edx-configs/secrets.yml

DECRYPT SECRETS FILE

To decrypt the file you should use the password you entered when you ran the previous command

in the deployer folder, run following command
ansible-vault decrypt edx-configs/secrets.yml
Previousconfigs.ymlNextconfiguration

Last updated 3 years ago

Was this helpful?