From e7afc13285b725faf0bdcadbb3cc4888e1f81b64 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sat, 16 Dec 2017 15:25:11 +0200
Subject: Fix: only set password if one is given

Previously this would set the encrypted password to xxx which means
authn never works. I'm so stupid that the only reason I breathe is
because my body doesn't let me have a vote in the matter.
---
 roles/unix_users/tasks/main.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'roles')

diff --git a/roles/unix_users/tasks/main.yml b/roles/unix_users/tasks/main.yml
index adcb90e..19f0dac 100644
--- a/roles/unix_users/tasks/main.yml
+++ b/roles/unix_users/tasks/main.yml
@@ -5,7 +5,13 @@
     comment: "{{ item.comment|default('unnamed user') }}"
     shell: "{{ item.shell|default('/bin/bash') }}"
     system: "{{ item.system|default('no') }}"
-    password: "{{ item.password|default('xxx') }}"
+
+- name: set password for users
+  with_items: "{{ unix_users }}"
+  when: item.password is defined
+  user:
+    name: "{{ item.username }}"
+    password: "{{ item.password }}"
 
 - name: create ~/.ssh for each user
   with_items: "{{ unix_users }}"
-- 
cgit v1.2.1