diff options
| author | Lars Wirzenius <liw@liw.fi> | 2017-12-13 11:36:39 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2017-12-13 11:36:39 +0200 |
| commit | 7f3a53e8bd1c54ce54d6acee3a4310cbeb9b9ea6 (patch) | |
| tree | e8b589f1cec2d5079a04e20a77806e979ec5fadd /roles | |
| parent | 99d9654aad3e89bed54e9cff46ce69b155729340 (diff) | |
| download | debian-ansible-7f3a53e8bd1c54ce54d6acee3a4310cbeb9b9ea6.tar.gz | |
Add: password field for users in unix_users
This is for an _encrypted_ password. Sometimes it's necessary to have
one, and just ssh key access isn't enough. Say, IMAP users.
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/unix_users/defaults/main.yml | 4 | ||||
| -rw-r--r-- | roles/unix_users/tasks/main.yml | 1 |
2 files changed, 5 insertions, 0 deletions
diff --git a/roles/unix_users/defaults/main.yml b/roles/unix_users/defaults/main.yml index 5914b08..ea33fc9 100644 --- a/roles/unix_users/defaults/main.yml +++ b/roles/unix_users/defaults/main.yml @@ -9,6 +9,10 @@ # ssh_key_pub -- install this as ~/.ssh/id_rsa.pub # ssh_key_pub -- install this as ~/.ssh/id_rsa.pub # authorized_keys -- install this as ~/.ssh/authorized_keys +# password -- encrypted password +# +# Create the encrypted password with something like: +# password: "{{ lookup('pipe', 'pass show foo | mkpasswd --method=sha-512 --stdin') }}" # unix_users: [] diff --git a/roles/unix_users/tasks/main.yml b/roles/unix_users/tasks/main.yml index d948dc8..adcb90e 100644 --- a/roles/unix_users/tasks/main.yml +++ b/roles/unix_users/tasks/main.yml @@ -5,6 +5,7 @@ comment: "{{ item.comment|default('unnamed user') }}" shell: "{{ item.shell|default('/bin/bash') }}" system: "{{ item.system|default('no') }}" + password: "{{ item.password|default('xxx') }}" - name: create ~/.ssh for each user with_items: "{{ unix_users }}" |