Add support for crypted passwords to password lookup

Added new parameter 'encrypt' with same semantics from that of vars_prompt. When encryption is requested a random salt will be generated and stored along the password in the form: '<password> salt=<salt>'. Also store passwords with an ending '\n' for easier looking at files with console tools. File content was being already rstripped so this is harmless.
2026-05-07 22:02:50 +00:00 · 2013-05-16 03:27:30 +02:00
parent c0f138db1f
commit 96afc3f462
2 changed files with 71 additions and 14 deletions
--- a/docsite/latest/rst/playbooks2.rst
+++ b/docsite/latest/rst/playbooks2.rst
@@ -537,6 +537,15 @@ This length can be changed by passing an extra parameter::
                    target=/tmp/{{ client }}_{{ tier }}_{{ role }}_backup.sql
          with_password: credentials/{{ client }}/{{ tier }}/{{ role }}/mysqlpassword length=15

+        (...)
+
+        # create an user with a given password
+        - user: name=guestuser
+                state=present
+                uid=5000
+                password={{ item }}
+          with_password: credentials/{{ hostname }}/userpassword encrypt=sha256_crypt
+
 Setting the Environment (and Working With Proxies)
 ``````````````````````````````````````````````````