25 lines
787 B
YAML
Executable File
25 lines
787 B
YAML
Executable File
---
|
|
- name: Prepare password for user {{ username }}
|
|
when:
|
|
- password is defined
|
|
- password != ""
|
|
- password != '*'
|
|
block:
|
|
- name: Create idempotent salt for password
|
|
set_fact:
|
|
salt: "{{ ((username + inventory_hostname) | hash('sha512'))[:16] }}"
|
|
|
|
- name: Encrypt password for user {{ username }}
|
|
shell: python3 -c 'import crypt; print(crypt.crypt("{{ password }}", "$6${{ salt }}"))'
|
|
register: username_shadowpw
|
|
changed_when: false
|
|
|
|
- name: "Ensure user is configured correctly: {{ username }}"
|
|
user:
|
|
name: "{{ username }}"
|
|
shell: /bin/bash
|
|
generate_ssh_key: true
|
|
password: "{{ username_shadowpw.stdout | default('*') }}"
|
|
groups: "{{ user_groups | default('') }}"
|
|
append: "{{ append | default('yes') }}"
|