Remove default passwords in values.yaml

Using default passwords is that it makes it very easy for ppl to install a chart with minimal changes or minimal extra values added. However, this is a Security risk when ppl start to try the chart i.e. and later decide to use it in production.

We supply default passwords here:

rabbitmq.auth.password
rabbitmq.auth.erlangCookie
postgres.postgresqlPassword
onlyoffice.jwtSecret
Enable redis auth by default (solved in !252 (merged))

Also:

How to deal with passwords in values-local.yaml.example ? Should we use a string like CHANGE_ME which can get replaces with a single sed cmd ? Or should we also don't specify any defaults there for the same reasons

Why don't we generate passwords during installation when no value is specified ?

Edited Oct 05, 2022 by Maarten de Waard

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Remove default passwords in values.yaml