passwordstore - manage passwords with passwordstore.org’s pass utility
New in version 2.3.
Synopsis
- Enables Ansible to retrieve, create or update passwords from the passwordstore.org pass utility. It also retrieves YAML style keys stored as multilines in the passwordfile.
Parameters
| Parameter | Choices/Defaults | Configuration | Comments |
|---|---|---|---|
| _terms required | query key | ||
| create bool |
| flag to create the password | |
| directory | env:PASSWORD_STORE_DIR | directory of the password store | |
| length integer | Default: 16 | password length | |
| overwrite bool |
| flag to overwrite the password | |
| passwordstore | Default: "~/.password-store" | location of the password store | |
| returnall bool |
| flag to return all the contents of the password store | |
| subkey | Default: "password" | subkey to return | |
| userpass | user password |
Examples
# Debug is used for examples, BAD IDEA to show passwords on screen
- name: Basic lookup. Fails if example/test doesn't exist
debug: msg="{{ lookup('passwordstore', 'example/test')}}"
- name: Create pass with random 16 character password. If password exists just give the password
debug: var=mypassword
vars:
mypassword: "{{ lookup('passwordstore', 'example/test create=true')}}"
- name: Different size password
debug: msg="{{ lookup('passwordstore', 'example/test create=true length=42')}}"
- name: Create password and overwrite the password if it exists. As a bonus, this module includes the old password inside the pass file
debug: msg="{{ lookup('passwordstore', 'example/test create=true overwrite=true')}}"
- name: Return the value for user in the KV pair user, username
debug: msg="{{ lookup('passwordstore', 'example/test subkey=user')}}"
- name: Return the entire password file content
set_fact: passfilecontent="{{ lookup('passwordstore', 'example/test returnall=true')}}"
Return Values
Common return values are documented here, the following are the fields unique to this lookup:
| Key | Returned | Description |
|---|---|---|
| _raw | a password |
Status
Author
- Patrick Deelman <patrick@patrickdeelman.nl>
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/plugins/lookup/passwordstore.html