3 files changed, 40 insertions, 12 deletions

diff --git a/dan/host_vars/ele-lt.yml b/dan/host_vars/ele-lt.yml
index 66002718..2ab6dbc9 100644
--- a/dan/host_vars/ele-lt.yml
+++ b/dan/host_vars/ele-lt.yml
@@ -1,10 +1,20 @@
 $ANSIBLE_VAULT;1.2;AES256;dan
-32666531386662623434303362326535346666323130643861613564366638346262366336356361
-6135646662346361386263383430623632623338353233370a333738646265366632623166353862
-33346434346264356361643136666231613938386661663036613835326232613466383836353936
-3162353637363134350a373363633836316636343166353932343030313931636232346562623761
-39663532343431303835303134303034633135613533383561306462653534396130656562303935
-33306165383533336265313033643365616638376133646130386332646439656437363533373031
-66366533363264353162626533356237386163363163393538366364353034343636383839613665
-39303162626264643166396233616363346639333438393839336264393835636430643633666330
-3166
+63653230333363323237346165393736666136633765663833303763336234313634303632393633
+6331666636353766663130306439326230363739643733300a313763326636646664626239366564
+34373662313665343432666533383661613433386536393465363664393339336437303061366331
+3664643930646139370a333239626436643936373339366133333634323030653132333963326134
+36366162313632613534396136336239343333336233333437353263386534663837646264373763
+66333935346237363665316633626635363563663466363933613239383233626362306238663461
+62373432343733646264333266363534326365303733313030386632623530353934383635333431
+31303733303732313566383161383231383737323235393431313133303661666239346434636666
+33303366633434376363353838643032326130326662646364306661396361636534656637383834
+39336138643037363738333735623330613637386466653761336237663262663934343937373762
+63376231316439663864383239643034333165303833396664343837346662303834383934613232
+38653635333666653937356263643431646462616461636262623931346231313133363039396536
+39666332626338393136626439333765663865623263303634333638376461376462646633626435
+32316333396664316430363066396137323230396635636131636333636338386465313463376432
+33313364626230646335623265306564646337353666303164616666383537623864663864623233
+34626130623766623138666537303837616462656434623432366266646136356163623562323362
+62633534393833346639626335616463316136356164303231366138623433343130333836616638
+34373537393562353237613665333634363530313666663431613639396463353131626364636566
+333963343035363136636238353234383837
diff --git a/inventory/host_vars/ele-lt.yml b/inventory/host_vars/ele-lt.yml
index f642f09c..70964e77 100644
--- a/inventory/host_vars/ele-lt.yml
+++ b/inventory/host_vars/ele-lt.yml
@@ -5,6 +5,16 @@ ssh_allowusers_host:
   - "{{ liquidtruth_app_user }}"
 
 
+liquidtruth_mongodb_root_username: root
+liquidtruth_mongodb_root_password: "{{ vault_liquidtruth_mongodb_root_password }}"
+
+liquidtruth_mongodb_backup_username: backup
+liquidtruth_mongodb_backup_password: "{{ vault_liquidtruth_mongodb_backup_password }}"
+
+liquidtruth_mongodb_app_username: lt
+liquidtruth_mongodb_app_password: "{{ vault_liquidtruth_mongodb_app_password }}"
+
+
 #acmetool_directory_server: "{{ acmetool_directory_server_le_live }}"
 
 liquidtruth_hostnames:
diff --git a/roles/elevate/liquidtruth/tasks/mongodb.yml b/roles/elevate/liquidtruth/tasks/mongodb.yml
index 8d5180ae..77355f0f 100644
--- a/roles/elevate/liquidtruth/tasks/mongodb.yml
+++ b/roles/elevate/liquidtruth/tasks/mongodb.yml
@@ -29,6 +29,14 @@
 #   ignore_errors: true
 #   no_log: true
 
-# - name: initialize authorization
-#   include_tasks: mongodb_authorization.yml
-#   when: mongodb_root_user_check
+##
+## $ mongo
+## > use admin
+## > db.createUser({ user: "root", pwd: "<secret>", roles: [ { role: "root", db: "admin" } ] })
+## > db.createUser({ user: "backup", pwd: "<secret>", roles: [ { role: "backup", db: "admin" }, { role: "clusterMonitor", db: "admin" } ] })
+## > db.createUser({ user: "lt", pwd: "<secret>", roles: [ { role: "dbOwner", db: "lt" } ] })
+## > exit
+##
+## edit /etc/mongodb.conf: uncomment 'auth = true'
+## Restart mongodb
+##