35 lines
1.4 KiB
YAML
35 lines
1.4 KiB
YAML
- name: Generate password for {{ item.name }}
|
|
when: passwords[item.name + '_password'] is not defined
|
|
block:
|
|
- name: Create password for {{ item.name }}
|
|
shell: "< /dev/urandom tr -dc A-Za-z0-9 | head -c${1:-64};echo;"
|
|
register: password
|
|
|
|
- name: Show password json for {{ item.name }}
|
|
debug:
|
|
msg: "{{ password }}"
|
|
verbosity: 2
|
|
|
|
- name: Write password for {{ item.name }}
|
|
lineinfile:
|
|
path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
|
|
line: "{{ item.name }}_password: \"{{ password.stdout }}\""
|
|
|
|
- name: Generate password for {{ item.name }}
|
|
when: passwords[item.name + '_pbkdf2_sha512_hash'] is not defined
|
|
block:
|
|
- name: Create PBKDF2-SHA512 hash from password for {{ item.name }}
|
|
docker_container:
|
|
name: slappasswd
|
|
image: "{{ docker_registry }}/pwgen"
|
|
cleanup: true
|
|
detach: false
|
|
container_default_behavior: no_defaults
|
|
command: "slappasswd -o module-load=pw-pbkdf2 -h {PBKDF2-SHA512} -s {{ password.stdout | default(item.name + '_password') }}"
|
|
register: docker_container_output
|
|
|
|
- name: Write PBKDF2-SHA512 hash for {{ item.name }}
|
|
lineinfile:
|
|
path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
|
|
line: "{{ item.name }}_pbkdf2_sha512_hash: \"{{ docker_container_output.container.Output.split('\n')[0] }}\""
|