4

I have some servers which I want to administer with ansible. Currently I need to create user acounts on all of them. On some of them, some accounts are already present. I want to create the users with a default password, but if the user exist don't change his password.

Can someone help me with this condition ?

Here is my playbook :

---
- hosts: all
  become: yes
  vars:
    sudo_users:
       # password is generated through "mkpasswd" command from 'whois' package
      - login: user1
        password: hashed_password
      - login: user1
        password: hashed_password

  tasks:
    - name: Make sure we have a 'sudo' group
      group:
        name: sudo
        state: present

    - user:
        name: "{{ item.login }}"
        #password: "{{ item.password }}"
        shell: /bin/bash
        groups: "{{ item.login }},sudo"
        append: yes
      with_items: "{{ sudo_users }}"
Marin Bînzari
  • 5,208
  • 2
  • 26
  • 43
  • This question should be closed, since its already documented on the Ansible docs site. Simple typo error... – Kyslik Jun 05 '17 at 09:27
  • 6
    I came here googling a problem in a similar context and found it helpful. If we closed all questions that were (a) typos or (b) documented elsewhere then SOF would be pretty deserted. – Jan Groth May 27 '18 at 21:00

1 Answers1

8

From the docs of user module:

update_password (added in 1.3) always/on_create
always will update passwords if they differ. on_create will only set the password for newly created users.

Konstantin Suvorov
  • 65,183
  • 9
  • 162
  • 193