Example 3: Update passwords by passwordstore

Update passwords of users at host test_01. New passwords will be created by the pass utility and will be stored in passwordstore. Use the same playbook and variables as in Example 1. Remove the attributes userpass from the variable lp_users. The only required attribute is the name of the user.

 shell> cat host_vars/test_01/lp-users.yml
 lp_users:
   - name: user1
   - name: user2

Update the passwords

shell> ansible-playbook lp.yml -t lp_passwords \
                               -e lp_passwordstore_create=True \
                               -e lp_passwordstore_overwrite=True
...
TASK [vbotka.linux_postinstall : users: Manage user accounts] **********
changed: [test_01] => (item=user1)
changed: [test_01] => (item=user2)

The command is idempotent

shell> ansible-playbook lp.yml -t lp_passwords
...

PLAY RECAP *************************************************************
test_01: ok=18 changed=0 unreachable=0 failed=0 skipped=20 rescued=0 ...

Show the passwords stored in passwordstore at the controller

shell> pass test_01
test_01
├── user1
└── user2

shell> pass test_01/user1
A,5bH5NtdYQ9FCO:
lookup_pass: First generated by ansible on 01/07/2020 16:59:00

shell> pass test_01/user2
gUp-cn5C.cse6Cx0
lookup_pass: First generated by ansible on 01/07/2020 16:59:00

See the passwordstore log at the controller git log and test the new passwords at test_01.