From 145dccac2db0997dea1246bfd0ca0de4cb445f44 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Fri, 4 Jun 2021 15:51:04 +0200 Subject: [PATCH] Deploy root password Signed-off-by: Yohann D'ANELLO --- group_vars/debian.yml | 3 +++ plays/base.yml | 1 + plays/root.yml | 7 +++++++ roles/root/tasks/main.yml | 6 ++++++ 4 files changed, 17 insertions(+) create mode 100755 plays/root.yml create mode 100644 roles/root/tasks/main.yml diff --git a/group_vars/debian.yml b/group_vars/debian.yml index 186d671..4b3275a 100644 --- a/group_vars/debian.yml +++ b/group_vars/debian.yml @@ -5,3 +5,6 @@ glob_apt: extra_repositories: [] pin: bullseye: [] + +glob_root: + passwd_hash: '{{ vault.root_passwd_hash }}' diff --git a/plays/base.yml b/plays/base.yml index 6a0d6c3..599c3c4 100755 --- a/plays/base.yml +++ b/plays/base.yml @@ -1,6 +1,7 @@ #!/usr/bin/env ansible-playbook --- +- import_playbook: root.yml - import_playbook: apt.yml - import_playbook: ntp.yml - import_playbook: ldap-client.yml diff --git a/plays/root.yml b/plays/root.yml new file mode 100755 index 0000000..835a7c8 --- /dev/null +++ b/plays/root.yml @@ -0,0 +1,7 @@ +#!/usr/bin/env ansible-playbook +--- +- hosts: debian + vars: + root: "{{ glob_root | default({}) | combine(loc_root | default({})) }}" + roles: + - root diff --git a/roles/root/tasks/main.yml b/roles/root/tasks/main.yml new file mode 100644 index 0000000..721309f --- /dev/null +++ b/roles/root/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Deploys root password hash + replace: + path: /etc/shadow + regexp: '^root:[^:]*:' + replace: 'root:{{ root.passwd_hash }}:'