role-common-local_os_password/tasks/40-local-os-password.yml

# SPDX-License-Identifier: MIT
- name: 'Set local OS account password'
  loop_control:
    loop_var: 'account'
    index_var: 'i'
    label: 'Set password for local account ''{{ account }}'''
  loop: '{{ reset_password_for_account }}'
  ansible.builtin.user:
    name: '{{ account }}'
    password: '{{ lookup(''hashi_vault'', ''secret=kv/data/settings/machines/'' + fqdn_reverse + ''/os/user/'' + account + '':password'') | string | password_hash(''sha512'', lookup(''hashi_vault'', ''secret=kv/data/settings/machines/'' + fqdn_reverse + ''/os/user/'' + account + '':password_salt'')) }}'
    update_password: 'always'
feat(meta): Trim role content 2025-04-10 02:21:42 +02:00			`# SPDX-License-Identifier: MIT`
feat(role): Initial commit 2022-07-23 22:50:50 +02:00			`- name: 'Set local OS account password'`
feat(meta): Trim role content 2025-04-10 02:21:42 +02:00			`loop_control:`
			`loop_var: 'account'`
			`index_var: 'i'`
			`label: 'Set password for local account ''{{ account }}'''`
			`loop: '{{ reset_password_for_account }}'`
feat(role): Initial commit 2022-07-23 22:50:50 +02:00			`ansible.builtin.user:`
feat(meta): Trim role content 2025-04-10 02:21:42 +02:00			`name: '{{ account }}'`
			`password: '{{ lookup(''hashi_vault'', ''secret=kv/data/settings/machines/'' + fqdn_reverse + ''/os/user/'' + account + '':password'') \| string \| password_hash(''sha512'', lookup(''hashi_vault'', ''secret=kv/data/settings/machines/'' + fqdn_reverse + ''/os/user/'' + account + '':password_salt'')) }}'`
feat(role): Initial commit 2022-07-23 22:50:50 +02:00			`update_password: 'always'`