This commit is contained in:
Wolfgang Hottgenroth 2025-02-19 18:03:30 +01:00
parent 26528365e7
commit 53aaf42bd9
Signed by: wn
GPG Key ID: 18FDFA577A8871AD

37
readme.md Normal file
View File

@ -0,0 +1,37 @@
## Redis Configuration
When a shared internal Redis server shall be used it is necessary to config the database (a number) to be used by defectdojo using the option `celery.path` in the `values.yml`.
Even if no authentication on the Redis server shall be used it is required to create the secret `defectdojo-redis-specific` with an empty key `redis-password`.
## Admin User
Although the admin user's credentials are created into the secret `defectdojo` it appears, that they are not working. Login using these credentials is not possible.
To be able to login I had to overwrite the `password` column in the table `auth_user` for the user `admin` in the dejectdojo database.
The following Python snippet helped to generate the required value:
```
wn@kirchhoff:~/tmp$ python3
Python 3.11.2 (main, Aug 26 2024, 07:20:54) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import argon2
>>> ph=argon2.PasswordHasher()
>>> h = ph.hash("test123")
>>> print(f"argon2{h}")
argon2$argon2id$v=19$m=102400,t=2,p=8$T0Cc8l0XGQdzlXg8UcVqjA$KUVj5vE8miAKJdDyzWn6TQ
>>>
wn@kirchhoff:~/tmp$
```
Another option is to create a second admin user via the `manage.py` tool of defectdojo. To use this tool I had to open a shell into the `uwsgi` container within the `defectdojo-django-*` pod. Here I was directly in the directory `/app` where I found the tool.
```
python manage.py createsuperuser --username newadmin --email newadmin@defectdojo.hottis.de
```
A password is requested afterwards. With this new admin I also was able to login in.