45 lines
1.5 KiB
YAML
45 lines
1.5 KiB
YAML
---
|
|
- hosts: all
|
|
become: true
|
|
become_method: sudo
|
|
become_user: root
|
|
vars:
|
|
password_salt: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
31393533613636613064623931356565383762336134346665306361653339623266353766386132
|
|
6230623765343034333763383666343532643735333766390a376636353463326163376632633230
|
|
39656165633638313463643664306434623863346161316630646435373164346330313533303932
|
|
3364646665346461380a643564313762393362653064626463663064363135663937336238623164
|
|
32643632393539643636383337386436626536393534613337376232663632333063
|
|
tasks:
|
|
- name: "Fail if what_user is not set"
|
|
ansible.builtin.fail:
|
|
msg: "You have to specify the what_user variable"
|
|
when: not what_user is defined
|
|
run_once: true
|
|
delegate_to: 127.0.0.1
|
|
|
|
- name: "Fail if what_password is not set"
|
|
ansible.builtin.fail:
|
|
msg: "You have to specify the what_password variable"
|
|
when: not what_user is defined
|
|
run_once: true
|
|
delegate_to: 127.0.0.1
|
|
|
|
- name: Fail if user specified does not exist
|
|
ansible.builtin.getent:
|
|
database: passwd
|
|
key: "{{ what_user }}"
|
|
|
|
- name: Ensure passlib is installed locally
|
|
ansible.builtin.pip:
|
|
name: passlib
|
|
run_once: true
|
|
delegate_to: 127.0.0.1
|
|
|
|
- name: Update user password
|
|
ansible.builtin.user:
|
|
name: "{{ what_user }}"
|
|
password: "{{ what_password | password_hash('sha512', password_salt) }}"
|
|
|
|
|