批量添加用户
[devlops@server1 ansible]$ ansible-playbook useradd.yml
[devlops@server1 ansible]$ cat useradd.yml
---
- hosts: test
tasks:
- name: create user
user:
name: "{{ item.user }}"
password: "{{ 'item.pass' | password_hash('sha512') }}"
state: present
loop:
- { user: user1, pass: 123 }
- { user: user2, pass: 456 }
- { user: user3, pass: 789 }
设置加密文件
[devlops@server1 ansible]$ ansible-vault
Usage: ansible-vault [create|decrypt|edit|encrypt|encrypt_string|rekey|view] [options] [vaultfile.yml]
[devlops@server1 ansible]$ ansible-vault encrypt userlist.yml ##加密文件
[devlops@server1 ansible]$ ansible-vault edit userlist.yml ##编辑加密文件
[devlops@server1 ansible]$ cat userlist.yml
[devlops@server1 ansible]$ ansible-vault decrypt userlist.yml ##取消加密
[devlops@server1 ansible]$ cat userlist.yml
[devlops@server1 ansible]$ ansible-playbook useradd.yml --ask-vault-pass
目标主机创建的用户密码是加密过的