readme

readme.md

@@ -0,0 +1,37 @@
+## Redis Configuration
+
+When a shared internal Redis server shall be used it is necessary to config the database (a number) to be used by defectdojo using the option `celery.path` in the `values.yml`.
+
+Even if no authentication on the Redis server shall be used it is required to create the secret `defectdojo-redis-specific` with an empty key `redis-password`.
+
+
+## Admin User
+
+Although the admin user's credentials are created into the secret `defectdojo` it appears, that they are not working. Login using these credentials is not possible.
+
+To be able to login I had to overwrite the `password` column in the table `auth_user` for the user `admin` in the dejectdojo database.
+
+The following Python snippet helped to generate the required value:
+
+```
+wn@kirchhoff:~/tmp$ python3
+Python 3.11.2 (main, Aug 26 2024, 07:20:54) [GCC 12.2.0] on linux
+Type "help", "copyright", "credits" or "license" for more information.
+>>> import argon2
+>>> ph=argon2.PasswordHasher()
+>>> h = ph.hash("test123")
+>>> print(f"argon2{h}")
+argon2$argon2id$v=19$m=102400,t=2,p=8$T0Cc8l0XGQdzlXg8UcVqjA$KUVj5vE8miAKJdDyzWn6TQ
+>>> 
+wn@kirchhoff:~/tmp$ 
+```
+
+Another option is to create a second admin user via the `manage.py` tool of defectdojo. To use this tool I had to open a shell into the `uwsgi` container within the `defectdojo-django-*` pod. Here I was directly in the directory `/app` where I found the tool.
+
+```
+python manage.py createsuperuser --username newadmin --email newadmin@defectdojo.hottis.de
+```
+
+A password is requested afterwards. With this new admin I also was able to login in.
+
+