server/config: convert mongoshrc.js template to EPP

kenyon · kenyon · commit ca4080b38a79 · 2026-02-27T13:51:21.000-08:00
Fixes #762.
diff --git a/manifests/server/config.pp b/manifests/server/config.pp
@@ -153,15 +153,10 @@
     }
   }
 
-  $admin_password_unsensitive = if $admin_password =~ Sensitive[String] {
-    $admin_password.unwrap
-  } else {
-    $admin_password
-  }
   if $handle_creds {
     file { $rcfile:
       ensure  => file,
-      content => template('mongodb/mongoshrc.js.erb'),
+      content => epp("${module_name}/mongoshrc.js.epp"),
       owner   => 'root',
       group   => 'root',
       mode    => '0600',
diff --git a/templates/mongoshrc.js.epp b/templates/mongoshrc.js.epp
@@ -16,7 +16,7 @@ function rsReconfigSettings(settings){
   return rs.reconfig(cfg)
 }
 
-<% if @auth and @store_creds -%>
+<% if $mongodb::server::config::auth and $mongodb::server::config::store_creds { -%>
 function authRequired() {
   try {
     return rs.status().ok != 1;
@@ -29,12 +29,12 @@ function authRequired() {
 }
 
 if (authRequired()) {
-  <%- if @replset -%>
+  <%- if $mongodb::server::config::replset { -%>
   db.getMongo().setReadPref('primaryPreferred')
-  <%- end -%>
+  <%- } -%>
   try {
     admin = db.getSiblingDB('admin')
-    admin.auth('<%= @admin_username %>', '<%= @admin_password_unsensitive.gsub('\\','\\\\\\\\').gsub("'","\\\\'") %>')
+    admin.auth('<%= $mongodb::server::config::admin_username %>', '<%= $mongodb::server::config::admin_password.regsubst('\\\\','\\\\\\\\','G').regsubst("'","\\\\'",'G') %>')
   }
   catch (err) {
     // Silently ignore this error, we can't really do anything about it.
@@ -44,4 +44,4 @@ if (authRequired()) {
     //   This is normal when setting up a new cluster/server.
   }
 }
-<% end -%>
+<% } -%>

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ function rsReconfigSettings(settings){`
`16`	`16`	`return rs.reconfig(cfg)`
`17`	`17`	`}`
`18`	`18`
`19`		`-<% if @auth and @store_creds -%>`
	`19`	`+<% if $mongodb::server::config::auth and $mongodb::server::config::store_creds { -%>`
`20`	`20`	`function authRequired() {`
`21`	`21`	`try {`
`22`	`22`	`return rs.status().ok != 1;`
`@@ -29,12 +29,12 @@ function authRequired() {`
`29`	`29`	`}`
`30`	`30`
`31`	`31`	`if (authRequired()) {`
`32`		`- <%- if @replset -%>`
	`32`	`+ <%- if $mongodb::server::config::replset { -%>`
`33`	`33`	`db.getMongo().setReadPref('primaryPreferred')`
`34`		`- <%- end -%>`
	`34`	`+ <%- } -%>`
`35`	`35`	`try {`
`36`	`36`	`admin = db.getSiblingDB('admin')`
`37`		`- admin.auth('<%= @admin_username %>', '<%= @admin_password_unsensitive.gsub('\\','\\\\\\\\').gsub("'","\\\\'") %>')`
	`37`	`+ admin.auth('<%= $mongodb::server::config::admin_username %>', '<%= $mongodb::server::config::admin_password.regsubst('\\\\','\\\\\\\\','G').regsubst("'","\\\\'",'G') %>')`
`38`	`38`	`}`
`39`	`39`	`catch (err) {`
`40`	`40`	`// Silently ignore this error, we can't really do anything about it.`
`@@ -44,4 +44,4 @@ if (authRequired()) {`
`44`	`44`	`// This is normal when setting up a new cluster/server.`
`45`	`45`	`}`
`46`	`46`	`}`
`47`		`-<% end -%>`
	`47`	`+<% } -%>`