More template cleanup

roles/fas_server/templates/fas.cfg.j2

@@ -156,9 +156,9 @@ visit.cookie.httponly = True
 
 # Database
 {% if env == "staging" %}
-sqlalchemy.dburi="postgres://fas:<%= fasDbPassword %>@db-fas.stg/fas2"
+sqlalchemy.dburi="postgres://fas:{{ fasDbPassword }}@db-fas.stg/fas2"
 {% else %}
-sqlalchemy.dburi="postgres://fas:<%= fasDbPassword %>@db-fas/fas2"
+sqlalchemy.dburi="postgres://fas:{{ fasDbPassword }}@db-fas/fas2"
 {% endif %}
 sqlalchemy.echo=False
 # When using wsgi, we want the pool to be very low (as a separate instance is
@@ -186,11 +186,11 @@ mail.manager = 'demand'
 # Enable yubikeys
 yubi_server_prefix='http://localhost/yk-val/verify?id='
 {% if env == "staging" %}
-ykksm_db="postgres://ykksmimporter:<%= ykksmimporterPassword %>@db-fas01.stg/ykksm"
-ykval_db="postgres://ykval_verifier:<%= ykval_verifierPassword %>@db-fas01.stg/ykval"
+ykksm_db="postgres://ykksmimporter:{{ ykksmimporterPassword }}@db-fas01.stg/ykksm"
+ykval_db="postgres://ykval_verifier:{{ ykval_verifierPassword }}@db-fas01.stg/ykval"
 {% else %}
-ykksm_db="postgres://ykksmimporter:<%= ykksmimporterPassword %>@db-ykksm/ykksm"
-ykval_db="postgres://ykval_verifier:<%= ykval_verifierPassword %>@db-ykval/ykval"
+ykksm_db="postgres://ykksmimporter:{{ ykksmimporterPassword }}@db-ykksm/ykksm"
+ykval_db="postgres://ykval_verifier:{{ ykval_verifierPassword }}@db-ykval/ykval"
 {% endif %}
 
 # Enable or disable generation of SSL certificates for users
@@ -220,7 +220,7 @@ gpghome = "/etc/fas-gpg"
 # Note: gpg_fingerprint and gpg_passphrase are for encrypting password reset mail if the user has
 # a gpg key registered.  It's currently broken
 gpg_fingerprint = "7662 A6D3 4F21 A653 7BD4  BA64 20A0 8C45 4A0E 6255"
-gpg_passphrase = "<%= fasGpgPassphrase %>"
+gpg_passphrase = "{{ fasGpgPassphrase }}"
 gpg_keyserver = "hkp://subkeys.pgp.net"
 
 [/fedora-server-ca.cert]