

@afgane
Last active October 13, 2020 03:53
A bare-bones Ansible playbook for (re)setting the password of the Rancher admin user.
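# Resets the Rancher admin password to a random value by running
# `reset-password` inside a Rancher pod, logs in with that value to obtain an
# API token, then uses the token to set the password given in `pwd`.
- name: Go
  hosts: all
  gather_facts: false
  vars:
    rancher_hostname: rancher.local
    # Placeholder. Supply the real value at run time (extra vars or Ansible
    # Vault) rather than committing it to this file.
    pwd: pwd-from-cloudlaunch
    # false keeps the original behaviour: the server certificate is not
    # verified, so the password and the token are sent to an endpoint whose
    # identity is unchecked. Set to true once Rancher presents a certificate
    # the managed host trusts.
    rancher_validate_certs: false
  tasks:
    - name: Reset admin pwd
      # kubeconfig on k3s at /etc/rancher/k3s/k3s.yaml
      shell: >-
        kubectl --kubeconfig k3s.yaml -n cattle-system exec
        $(kubectl --kubeconfig k3s.yaml -n cattle-system get pods
        -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }')
        -- reset-password | tail -n 1
      register: reset_pwd
      # The pipeline's exit status is that of `tail`, so a kubectl failure
      # would otherwise pass unnoticed; an empty result is treated as failure.
      failed_when: (reset_pwd.stdout | trim | length) == 0
      # stdout holds the new password; keep it out of task output and logs.
      no_log: true

    - name: Store the new admin pwd
      set_fact:
        initial_pwd: "{{ reset_pwd.stdout }}"
      no_log: true

    # Deliberate disclosure for debugging: shown only at -vv or higher. Anything
    # that captures playbook output at that verbosity will contain the password.
    - name: Print the new admin pwd
      debug:
        msg: "New (random) admin pwd: {{ initial_pwd }}"
        verbosity: 2

    - name: Authenticate
      uri:
        url: "https://{{ rancher_hostname }}/v3-public/localProviders/local?action=login"
        method: POST
        body_format: json
        body:
          username: admin
          password: "{{ initial_pwd }}"
        validate_certs: "{{ rancher_validate_certs }}"
        status_code: 201
        return_content: true
      # The failure is reported by the next task, which can name the HTTP
      # status without printing the request body or the response.
      ignore_errors: true
      register: login_response
      # The request carries the password and the response carries the token.
      no_log: true

    - name: Stop if login failed
      fail:
        msg: >-
          Login to {{ rancher_hostname }} failed
          (HTTP status {{ login_response.status | default('unknown') }}).
      when: login_response is failed

    - name: Store auth token
      set_fact:
        token: "{{ login_response.json.token }}"
      no_log: true

    # Deliberate disclosure for debugging, as with the password above.
    - name: Print auth token
      debug:
        msg: "Auth token: {{ token }}"
        verbosity: 2

    # - name: Get users
    #   uri:
    #     url: https://rancher.local/v3/users?me=true
    #     headers:
    #       Authorization: Bearer {{ token }}
    #     validate_certs: no
    #   register: users
    # - name: Users
    #   debug:
    #     msg: "Users: {{ users }}"

    - name: Set admin password
      uri:
        url: "https://{{ rancher_hostname }}/v3/users?action=changepassword"
        headers:
          Authorization: "Bearer {{ token }}"
        method: POST
        body_format: json
        body:
          currentPassword: "{{ initial_pwd }}"
          newPassword: "{{ pwd }}"
        validate_certs: "{{ rancher_validate_certs }}"
        status_code: 200
      # The request carries both passwords and the bearer token.
      no_log: true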
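#!/bin/sh
# Resets the Rancher admin password to a random value by running
# `reset-password` inside a Rancher pod, logs in with that value to obtain an
# API token, then uses the token to set the password held in PASSWORD.
# Requires kubectl, curl and jq.

# Abort if any command fails
set -e

RANCHER_HOSTNAME=rancher.local
# Placeholder. Supply the real value at run time rather than committing it.
PASSWORD=xxx

# Pick the first Rancher pod reporting 1/1 ready containers.
RANCHER_POD=$(kubectl --kubeconfig k3s.yaml -n cattle-system get pods \
    -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }')
# `set -e` only sees the exit status of the last command in a pipeline, so the
# results are checked explicitly.
if [ -z "$RANCHER_POD" ]; then
    echo "No ready Rancher pod found in cattle-system" >&2
    exit 1
fi

# Reset admin password
RANDOM_PWD=$(kubectl --kubeconfig k3s.yaml -n cattle-system exec \
    "$RANCHER_POD" -- reset-password | tail -n 1)
if [ -z "$RANDOM_PWD" ]; then
    echo "reset-password returned no password" >&2
    exit 1
fi

# Authenticate to get an auth token.
# jq builds the JSON so that any character in the password is escaped
# correctly, and the body reaches curl on stdin (`@-`), which keeps the
# password out of both commands' argument lists.
# -k / --insecure disable certificate verification, so the server's identity
# is unchecked; replace them with --cacert once the Rancher CA is available.
LOGIN_TOKEN=$(
    RANDOM_PWD="$RANDOM_PWD" \
        jq -n '{username: "admin", password: env.RANDOM_PWD, ttl: 60000}' |
        curl -s -k --data-binary @- -H "Content-Type: application/json" \
            "https://$RANCHER_HOSTNAME/v3-public/localProviders/local?action=login" |
        jq -r '.token // empty'
)
if [ -z "$LOGIN_TOKEN" ]; then
    echo "Login to $RANCHER_HOSTNAME failed: no token in response" >&2
    exit 1
fi

# Set admin password.
# --fail turns an HTTP error status into a non-zero exit so `set -e` stops the
# script instead of reporting success after a rejected request.
# NOTE(review): the bearer token is still passed as a command-line argument.
RANDOM_PWD="$RANDOM_PWD" PASSWORD="$PASSWORD" \
    jq -n '{currentPassword: env.RANDOM_PWD, newPassword: env.PASSWORD}' |
    curl --insecure --silent --show-error --fail --data-binary @- \
        -H 'Content-Type: application/json' \
        -H "Authorization: Bearer $LOGIN_TOKEN" \
        "https://$RANCHER_HOSTNAME/v3/users?action=changepassword"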