Optional non-empty passwords for the container user.

2021-11-12 15:29:39 +01:00 · 2021-11-12 15:29:39 +01:00 · baba55e05a
commit baba55e05a
parent 1b5f7ea0b5
2 changed files with 12 additions and 2 deletions
--- a/edubox.yml
+++ b/edubox.yml
@ -7,6 +7,9 @@
  become: yes
  vars:
    contname: cont
+    ## Password for the user 'ansible' in the container,
+    ## leave empty to log in without password:
+    contpwd: ""
    containers: "{{ range(0, 9 + 1) | list }}"
    extra_pkgs: [apt-cacher-ng]

--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@ -103,14 +103,21 @@
    cmd: chroot . sh -c "passwd -d ansible"
  args:
    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(false)
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: provide password for container ansible user
+  command:
+    cmd: chroot . sh -c "echo ansible:{{ contpwd }} | chpasswd"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(true) and contpwd | length > 0

 - name: allow empty passwords in ssh
  lineinfile:
    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
    insertafter: '#PermitEmptyPasswords no'
    line: 'PermitEmptyPasswords yes'
-  when: user_account.changed | default(false)
+  when: user_account.changed | default(false) and contpwd | length == 0

 - name: prepare directories
  file: