Ansible: How to automate past “Initial setup of CentOS Linux 7” message


I recently came across an annoying issue with CentOS 7 setup.  I started with a minimal install, completed my installation(including mate desktop) and rebooted.  When I attached to the console of the newly minted VM I discovered it was stuck at a license prompt.  To avoid this issue…



Ansible: How to set user passwords


I’m in the process of converting my Fabric PBX automated installation to an Ansible playbook, but I got stuck on the user module portion.  I want to pass a default password to user accounts.  Ansible’s user module requires the crypted SHA512 hash rather than taking a password.  In other words, instead of supplying a password, you must supply the key(or as they call it a “crypted value”).

I think requiring the “crypted value” is for security reasons, but I imagine if someone has access to the key they can brute force the password anyways.  Sometimes secure and inconvenient mean the same thing I guess!  In any case, the user module should itself generate the key or they should build the feature into ansible-vault.

I stumbled on the instructions provided on the Ansible website.   There were no clear examples of setting a default password on the Ansible user module page.  You would think that would be an obvious one.  There is a link to directions on the Ansible cryption FAQ suggest using ‘mkpasswd’.  However, on the system I use(Fedora 24) the command doesn’t have the ability to output SHA – 512  keys.   Another option presented is a Python 2.7 command that didn’t work for me either.  After some research and a little testing I found a solution.


Goals of this Post:

  • Create crypted user account password
  • Create credentials.yml – VARS FILE for password keys
  • Example of assigning a user module password in a playbook
  • Execute Ansible play and test