Add logic for setting root password back, with secrets

2025-12-28 16:45:34 -07:00
parent 8d38116683
commit fa276c321d
2 changed files with 7 additions and 0 deletions
--- a/ansible/inventories/production/host_vars/git.jthan.io/vars.yaml
+++ b/ansible/inventories/production/host_vars/git.jthan.io/vars.yaml
@@ -1 +1,2 @@
 gitea_version: 1.25.3
+root_pw: "{{ lookup('bitwarden.secrets.lookup', '4c3d81e6-bb31-40f9-a37a-b3bd00484160') }}" 
--- a/ansible/roles/common/tasks/main.yaml
+++ b/ansible/roles/common/tasks/main.yaml
@@ -3,6 +3,12 @@
    name: "{{ inventory_hostname }}"
    use: systemd

+- name: Set root password
+  user:
+    name: root
+    password: "{{ root_pw | password_hash('sha512') }}"
+  when: root_pw | default(false)
+
 - name: Install firewalld on RedHat family
  package:
    name: firewalld