Remove default passwords in values.yaml

Using default passwords is that it makes it very easy for ppl to install a chart with minimal changes or minimal extra values added. However, this is a Security risk when ppl start to try the chart i.e. and later decide to use it in production.

We supply default passwords here:

  • rabbitmq.auth.password
  • rabbitmq.auth.erlangCookie
  • postgres.postgresqlPassword
  • onlyoffice.jwtSecret
  • Enable redis auth by default (solved in !252 (merged))

Also:

  • How to deal with passwords in values-local.yaml.example ? Should we use a string like CHANGE_ME which can get replaces with a single sed cmd ? Or should we also don't specify any defaults there for the same reasons

Why don't we generate passwords during installation when no value is specified ?

Edited by Maarten de Waard
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information