Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@Alevsk
Created March 28, 2023 06:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Alevsk/58aabca3dfb25be429f45ad204500dd1 to your computer and use it in GitHub Desktop.
Save Alevsk/58aabca3dfb25be429f45ad204500dd1 to your computer and use it in GitHub Desktop.
Ansible playbook to fetch credentials from 1Password and then rotate user credentials
- hosts: "{{ HOSTS }}"
name: Rotate credentials
become: yes
vars:
root_password: "{{ lookup('pipe', 'op item get \"root user\" --fields password') }}"
user_password: "{{ lookup('pipe', 'op item get \"regular user\" --fields password') }}"
tasks:
- name: change user password
no_log: True
ansible.builtin.user:
name: "{{ ansible_user }}"
state: present
password: "{{ user_password | password_hash('sha512') }}"
- name: change root password
no_log: True
ansible.builtin.user:
name: "root"
state: present
password: "{{ root_password | password_hash('sha512') }}"
- name: Sign Off from 1Password
no_log: True
ansible.builtin.set_fact:
signout: "{{ lookup('pipe', 'op signout') }}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment