[student@workstation exec-ansible-vault]$ ansible-vault create secret.yml
New Vault password: 
Confirm New Vault password: 

# Content typed into the editor that `ansible-vault create` opens. The file is
# encrypted when it is saved, so these values are not kept on disk in clear text.
# create_users.yml loads this list and iterates over it; each entry supplies an
# account name and its clear-text password ('redhat' is the lab's training value).
newusers:
  - name: ansibleuser1
    pw: redhat
  - name: ansibleuser2
    pw: redhat



[student@workstation exec-ansible-vault]$ vi create_users.yml
[student@workstation exec-ansible-vault]$ cat create_users.yml 
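---
# Creates one account per entry of `newusers`, a list of name/pw pairs loaded
# from secret.yml. That file is vault-encrypted, so the run needs the vault
# password (for example --vault-password-file or --ask-vault-pass).
- name: create user accounts for all our servers
  hosts: devservers
  become: true
  remote_user: devops
  vars_files:
    - secret.yml

  tasks:
    - name: Creating users from secret.yml
      user:
        name: "{{ item.name }}"
        # The user module expects an already-hashed value, so the clear-text pw
        # is hashed here. No salt is passed, so password_hash picks a random one
        # and the task reports "changed" on every run.
        password: "{{ item.pw | password_hash('sha512') }}"
      with_items: "{{ newusers }}"
      # Each loop result prints the whole item, pw included. no_log keeps the
      # decrypted passwords out of console output and logs.
      no_log: true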


[student@workstation exec-ansible-vault]$ 
[student@workstation exec-ansible-vault]$ ls
ansible.cfg  create_users.yml  inventory  secret.yml
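# Create the file and restrict it to the owner before the password is written,
# so the secret never sits on disk with the default umask permissions.
[student@workstation exec-ansible-vault]$ touch vault-pass
[student@workstation exec-ansible-vault]$ chmod 0600 vault-pass
[student@workstation exec-ansible-vault]$ echo 'redhat' > vault-pass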


[student@workstation exec-ansible-vault]$ tree
.
├── ansible.cfg
├── create_users.yml
├── inventory
│   └── hosts
├── secret.yml
└── vault-pass


[student@workstation exec-ansible-vault]$ ssh -o PreferredAuthentications=password ansibleuser1@servera.lab.example.com
ansibleuser1@servera.lab.example.com's password: 
[ansibleuser1@servera ~]$ 

