Adding update_user_password

2025-01-14 18:57:18 -05:00 · 2025-01-14 18:57:18 -05:00 · 6d1318e954
commit 6d1318e954
parent b71861555f
1 changed files with 39 additions and 0 deletions
--- a/playbooks/update_user_password.yml
+++ b/playbooks/update_user_password.yml
@ -0,0 +1,39 @@
+---
+- hosts: all
+  become: true
+  become_method: sudo
+  become_user: root
+  vars:
+    password_salt: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          31393533613636613064623931356565383762336134346665306361653339623266353766386132
+          6230623765343034333763383666343532643735333766390a376636353463326163376632633230
+          39656165633638313463643664306434623863346161316630646435373164346330313533303932
+          3364646665346461380a643564313762393362653064626463663064363135663937336238623164
+          32643632393539643636383337386436626536393534613337376232663632333063
+  tasks:
+    - name: "Fail if what_user is not set"
+      ansible.builtin.fail:
+        msg: "You have to specify the what_user variable"
+      when: not what_user is defined
+      run_once: true
+      delegate_to: 127.0.0.1
+    
+    - name: "Fail if what_password is not set"
+      ansible.builtin.fail:
+        msg: "You have to specify the what_password variable"
+      when: not what_user is defined
+      run_once: true
+      delegate_to: 127.0.0.1
+
+    - name: Fail if user specified does not exist
+      ansible.builtin.getent:
+        database: passwd
+        key: "{{ what_user }}"
+
+    - name: Update user password
+      ansible.builtin.user:
+        name: "{{ what_user }}"
+        password: "{{ what_password | password_hash('sha512', password_salt) }}"
+      
+