All,
Looking to automate password / account management using Ansible. The overall goal is to have an unencrypted password in a file for use (so that I have it handy if I need to pull it up) and the nuse ansible-vault or some other mechanism to encrypt the password. There are two says I’d like to approach this:
(a, preferred) Variable file that has plain-text password, such as:
password:
- user: plain_text_password
- user2: plain_text_password2
I found a stack overflow link that indicated there would be some way to loop over the variables and then encrypt them one-by-one, finally feeding them into the user module. Unfortunately I can’t get this to work properly. Any thoughts / ideas?
(b) The second method is to store a user password in a file and then use the with_password mechanism. This works fine until I use ansible-vault to encrypt the password file. Unfortunately the with_password mechanism will append the salt to the encrypted password file.
Is there a good way to accomplish this goal?
Thanks!