用户模块中的Ansible密码设置。它没有正确设置

时间:2016-05-15 02:56:15

标签: linux ansible ansible-playbook digital-ocean

我是ansible的新手,我在digitalocean中设置我的新实例来配置新用户。基本上,我有设置它的剧本,当我运行剧本时,每个人都可以,但是当我试图检查我的密码是否正常工作时它没有用。

我做了

  

sudo apt-get update

如果密码正常工作。它没有。

---
- name: Configure Server
  hosts: sample_server
  gather_facts: no
  remote_user: root

  vars:
    username: sample_user
    password: sample_password

  tasks:
  - name: Update apt cache
    apt: update_cache=yes

  - name: Safe aptitude upgrade
    apt: upgrade=safe
    async: 600
    poll: 5

  - name: Add my user
    user:
      name: "{{ username }}"
      password: "{{ password }}"
      update_password: always
      shell: /bin/bash
      groups: sudo
      append: yes
      generate_ssh_key: yes
      ssh_key_bits: 2048
      state: present

  - name: Add my workstation user's public key to the new user
    authorized_key:
      user: "{{ username }}"
      key: "{{ lookup('file', 'certificates/id_rsa.pub') }}"
      state: present

  - name: Change SSH port
    lineinfile:
      dest: /etc/ssh/sshd_config
      regexp: "^Port"
      line: "Port 30000"
      state: present
    # notify:
    # - Restart SSH

  - name: Remove root SSH access
    lineinfile:
      dest: /etc/ssh/sshd_config
      regexp: "^PermitRootLogin"
      line: "PermitRootLogin no"
      state: present
    # notify:
    # - Restart SSH

  - name: Remove password SSH access
    lineinfile:
      dest: /etc/ssh/sshd_config
      regexp: "^PasswordAuthentication"
      line: "PasswordAuthentication no"
      state: present
    # notify:
    # - Restart SSH

  - name: Reboot the server
    service: name=ssh state=restarted

  handlers:
  - name: Restart SSH
    service: name=ssh state=restarted

对此有任何想法。感谢

1 个答案:

答案 0 :(得分:2)

Ansible用户模块将密码作为加密值,jinja2过滤器可以处理加密密码的生成。您可以像这样修改用户创建任务:

password: "{{ password | password_hash('sha512') }}"

希望能帮到你