On Monday, August 3, 2015 at 8:29:28 PM UTC-4, Dewey Hylton wrote:
>
> hi all. i’m not new to ansible but am still apparently fairly green with
> regards to what appears to me to be non-trivial stuff.
>
> my current goal is to replace an aging python script which does something
> like this (very bad pseudo-code but will hopefully make sense):
>
> for each user, password:
> if user exists:
> password = password+randomtext
> if ostype = 1:
> passhash = hash1(password)
> elif ostype = 2:
> passhash = hash2(password)
> else:
> passhash = hash3(password)
>
> set user password using passhash (done via user: in unusable)
>
> do to os restrictions, i am creating the password hash via local_action
> python/passlib.hash (the jinja2 | password_hash filter doesn’t provide the
> needed hash in all situations). this is a task by itself. the text for the
> password is somewhat programmatically created, requiring its own task.
>
> i’ve been able to get all this working in ansible playbook format using a
> single user / password combination across multiple hosts with the multiple
> hash requirements. what i’m failing to figure out is how to loop through
> multiple users each having their own base password. this same lack of
> understanding will also cause me to fail when dealing with multiple files
> later in this same project.
>
> the bottom line is that i’m trying to create a loop within a loop; the
> outer loop is per user, the inner loop is dealing with the password hash
> and requires multiple tasks. this is the way it works in the original
> python; ansible of course doesn’t work this way and i’m having difficulty
> figuring out how to do this without running the playbook multiple times
> with different variables. i've tried and failed to figure out how to do
> this via 'register' and 'set_fact' ...
>
> i’ve gotten good feedback via irc, but ultimately need a bigger clue
> stick. please whack away.
>
an example failure on my part ... given the following:
vars:
- users:
- newtestuser1:
username: newtestuser1
basetext: foo1
password: none
- newtestuser2:
username: newtestuser2
basetext: foo2
password: none
tasks:
- name: generate passwd text
local_action: shell python -c 'from datetime import datetime;
nowiso=datetime.now().isoformat(); print("%s%s%s" % (nowiso[3], "{{
item.basetext }}", nowiso[5:7]))'
register: password
with_items: "{{ users }}"
is there a way to take the output (password.stdout ?) for each iteration
and assign it to username.password so that they can be properly accessed
for later processing? or is there a different way to access these variables
that i'm just missing?
in the end, i need to create a password hash for each of these text
passwords, and associate the hash with the proper username for use with the
user: module ...
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/5f8967b9-d65f-4221-bc65-9f00d719ba37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
