I have a slightly different approach to this. I have a relatively generic pooldata action plugin. This is used in a play like this:-
- name: Get root password pooldata: data_file: pooldata/rootpw/used/{{inventory_hostname}}.json pool_directory: pooldata/rootpw/pool - name: Set root password user: name: root state: present password: '{{ generated_root_password.crypted_password }}' comment: 'Superuser Account' If there is a file corresponding to the data_file then the (JSON) contents of that are loaded into facts. Otherwise a random file from the pool_directory is renamed to the data_file and that is loaded. The files are autogenerated by a script, and look like this:- { "generated_root_password" : { "crypted_password" : "$6$U2.gCoRx$r19ANf9aUP2/Eqvj.SciaMFo5QXDS8pp1gKtQQMGJrb571V8Tp.dCNCeKhnqWllQ39g.5VZjBI7a4vjnJqwr31", "tag" : "ceVePaDa", "record_number" : 2049 } } The script that generates them also generates a lookup table stored separately of the actual password against the tag/record number. This means the clear text root passwords are not stored on the ansible box. This dance is done to allow the “database” to be easily held in git without potentially hitting difficult merge issues if there are branches etc. I’m very happy to make the pooldata plugin available - I should have cleaned it up and pushed it to github years ago! Nigel. On 24 March 2016 at 14:31:34, Johannes Kastl (m...@ojkastl.de) wrote: Bootstrapping a new server, creating a user, setting a random password. Works like a charm. But is it possible to save the generated password in the corresponding host_vars file for the new server? -- [ Nigel Metheringham ------------------------------ ni...@dotdot.it ] [ Ellipsis Intangible Technologies ] -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/etPan.56f422aa.1674e1b1.40d%40weatherwax.intechnology.co.uk. For more options, visit https://groups.google.com/d/optout.