roles/common/user: better handling of passwords

commit d17da89e3c006d938bd2e66e75d4932edce34aa3
parent 9f8a33e167ea6cbc0c3ffff01e3e3aabe6107f25
Author: Leah (ctucx) <leah@ctu.cx>
Date: Fri, 26 Feb 2021 14:15:09 +0100

roles/common/user: better handling of passwords

1 file changed, 14 insertions(+), 13 deletions(-)

roles/common/tasks/users.yml

++++++++++++++-------------

diff --git a/roles/common/tasks/users.yml b/roles/common/tasks/users.yml
@@ -2,33 +2,33 @@
 
 - name: "Add groups" 
   group:
-    name: "{{item.name}}"
+    name: "{{ item.name }}"
     state: present
   loop: "{{ system.users }}"
 
 - name: "Add users" 
   user:
     append: yes
-    name: "{{item.name}}"
-    group: "{{item.name}}"
-    groups: "{{item.groups}}"
-    password: "{{item.password}}"
+    name: "{{ item.name }}"
+    group: "{{ item.name }}"
+    groups: "{{ item.groups }}"
+    password: "{{item.password | password_hash('sha512', 'uD7ieghugeigh4eisoimoa3iushaeshechoonaequah5eiquerohph9paexai7oh') }}"
   loop: "{{ system.users }}"
 
 - name: "Create ~/.ssh directory for users"
   file:
     state: directory
-    dest: "/home/{{item.name}}/.ssh/"
+    dest: "/home/{{ item.name }}/.ssh/"
     mode: 0755
-    owner: "{{item.name}}"
-    group: "{{item.name}}"
+    owner: "{{ item.name }}"
+    group: "{{ item.name }}"
   loop: "{{ system.users }}"
 
 - name: "Place ssh-key for users"
   copy:
-    content: "{{item.allowedSshKeys | join('\n')}}"
-    dest: "/home/{{item.name}}/.ssh/authorized_keys"
+    content: "{{ item.allowedSshKeys | join('\n') }}"
+    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
     mode: 0644    
-    owner: "{{item.name}}"
-    group: "{{item.name}}"
-  loop: "{{ system.users }}"
+    owner: "{{ item.name }}"
+    group: "{{ item.name }}"
+  loop: "{{ system.users }}"+
\ No newline at end of file