- name: Test if password exists in file for {{ item.name }} shell: grep -c "^{{ item.name }}_password" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true register: password_test_grep - name: Test if password htpasswd hash exists in file for {{ item.name }} shell: grep -c "^{{ item.name }}_htpasswd_hash" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true register: htpasswd_hash_test_grep - name: Create password for {{ item.name }} shell: "< /dev/urandom tr -dc A-Za-z0-9 | head -c${1:-64};echo;" register: password when: password_test_grep.stdout == '0' - name: Show password json for {{ item.name }} debug: msg: "{{ password }}" verbosity: 2 when: password_test_grep.stdout == '0' - name: Create bcrypt hash from password for {{ item.name }} docker_container: name: slappasswd image: "{{ docker_registry }}/pwgen" cleanup: true detach: false container_default_behavior: no_defaults command: "htpasswd -B -n -i -b -C 16 {{ item.name }} {{ password.stdout | default(item.name + '_password') }}" register: docker_container_output when: htpasswd_hash_test_grep.stdout == '0' - name: Show docker_container_output for {{ item.name }} debug: msg: "{{ docker_container_output }}" verbosity: 2 - name: Write password for {{ item.name }} lineinfile: path: "{{ inventory_dir }}/group_vars/all/passwords.yaml" line: "{{ item.name }}_password: \"{{ password.stdout }}\"" when: password_test_grep.stdout == '0' - name: Write htpasswd hash for {{ item.name }} lineinfile: path: "{{ inventory_dir }}/group_vars/all/passwords.yaml" line: "{{ item.name }}_htpasswd_hash: \"{{ docker_container_output.container.Output.split('\n')[0].split(':')[1] }}\"" when: htpasswd_hash_test_grep.stdout == '0'