44 lines
1.1 KiB
Markdown
44 lines
1.1 KiB
Markdown
[//]: # (SPDX-License-Identifier: MIT)
|
|
# Role Name
|
|
|
|
role-common-local_os_password
|
|
|
|
# Description
|
|
|
|
Change an operating system's local user password.
|
|
|
|
# Requirements
|
|
|
|
Your target machines must be Linux.
|
|
|
|
# Role Variables
|
|
|
|
This role requires variables defined in [defaults/main.yml](defaults/main.yml). Feel free to overwrite them as needed for your HashiCorp Vault setup for example in a `group_vars` or `host_vars` file.
|
|
|
|
- `fqdn_reverse`: A variable that contains the reversed fully qualified domain name for each host. For `fully.qualified.domain.name` this variable will equal `name/domain/qualified/fully` which we then use in our HashiCorp Vault path to retrieve a password and password salt per host and per user.
|
|
- `reset_password_for_account`: A list of usernames whose password we want changed. This defaults to:
|
|
```
|
|
reset_password_for_account:
|
|
- 'build'
|
|
- 'root'
|
|
```
|
|
|
|
# Dependencies
|
|
|
|
None.
|
|
|
|
# Example Playbook
|
|
|
|
In your `playbook.yml` call it like so:
|
|
|
|
```
|
|
- name: 'Awesome playbook'
|
|
hosts: all
|
|
roles:
|
|
- 'role-common-local_os_password'
|
|
```
|
|
|
|
# License
|
|
|
|
MIT
|