问题
I'm trying to solve a little problem that I'm having at this moments.
I make a little playbook to generate users in multiple machines with the same UID and groups.
but when i try to pass the password as extra variable ansible response:
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
At this moment I am using ansible with jenkins.
This is the playbook (debuging)
---
- name: Create New Users
hosts: "{{svr}}"
vars:
gen_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
private: yes
encrypt: "md5_crypt"
tasks:
- set_fact:
passwd: "{{gen_passwd}}"
- name: Create Users Task
user:
name: "{{usr}}"
state: present
password: "{{passwd}}"
shell: /bin/bash
uid: "{{uid}}"
group: "{{primary_group}}"
groups: "{{grps}}"
create_home: yes
- debug:
msg: "{{passwd}}"
Now im not trying to pass it like a extra var, im trying to generate it and send it via email to the user who request it.
Any ideas?
edit
Finally solved with python-passlib
You need to have python-passlib for use password_hash('sha512')
yum install python-passlib
The final playboook with generated password and emailed to the user is:
---
- name: Create New Users
hosts: "{{svr}}"
vars:
gen_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
tasks:
- set_fact:
passwd: "{{gen_passwd}}"
- name: Create Users Task
user:
name: "{{usr}}"
state: present
password: "{{passwd | password_hash('sha512')}}"
shell: /bin/bash
uid: "{{uid}}"
group: "{{primary_group}}"
groups: "{{grps}}"
create_home: yes
- debug:
msg: "{{passwd}}"
- mail:
from: EMAIL NAME <noreply@server.com>
to: "{{em_sol}}"
subject: User request
subtype: html
body: '<table style="font-family:Calibri; color:#5F5F5F; margin-top:15px; margin-left:15px">
<tbody>
<tr>
<td> </td>
</tr>
<tr>
<td>
<h1>User request</h1>
</td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><b>User:</b></td>
</tr>
<tr>
<td>"{{usr}}"</td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><b>Description:</b></td>
</tr>
<tr>
<td>User created: "{{usr}}"</td>
</tr>
<td>User was created in the servers: "{{svr}}"</td>
</tr>
<td>User has been included in: "{{primary_group}}" "{{grps}}"</td>
</tr>
<td>The generated password is: "{{passwd}}"</td>
</tr>
<tr>
<td>
<hr>
</td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><b>User requested by:</b></td>
</tr>
<tr>
<td>"{{em_sol}}" </td>
</tr>
<tr>
</tr>
</tr>
</tr>
</tr>
<tr>
<td>Please, don´t reply this email.</td>
</tr>
<tr>
<td>
<hr>
</td>
</tr>
<tr>
</tr>
<tr>
<td></td>
</tr>
<tr>
</tr>
</tbody>
</table>'
These code send an email in html mode from ansible
Hope it help to someone!
来源:https://stackoverflow.com/questions/59660540/passwords-in-user-module-ansible