diff --git a/tasks/configure.yml b/tasks/configure.yml index 814f8fb..482f287 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -1,13 +1,19 @@ --- -- name: Einstellung des Worker controllers - become: true - ansible.builtin.template: - src: templates/worker-controller.inc.j2 - dest: "{{ rspamd__config_path }}worker-controller.inc" - mode: '0640' - owner: "{{ rspamd__default_owner }}" - group: "{{ rspamd__default_group }}" - notify: systemctl restart rspamd +- name: rspamd password generation + block: + - name: configure rspamd password + become: true + ansible.builtin.template: + src: templates/worker-controller.inc.j2 + dest: "{{ rspamd__config_path }}worker-controller.inc" + mode: '0640' + owner: "{{ rspamd__default_owner }}" + group: "{{ rspamd__default_group }}" + notify: systemctl restart rspamd + rescue: + - name: you have to install passlib + fail: + msg: 'I caught an error. Maybe you have to install passlib via pip3' - name: Einstellung des logging become: true diff --git a/templates/worker-controller.inc.j2 b/templates/worker-controller.inc.j2 index 32d97f3..c085b69 100644 --- a/templates/worker-controller.inc.j2 +++ b/templates/worker-controller.inc.j2 @@ -1 +1 @@ -password = "{{ _rspamd__admin_password }}" +password = "{{ rspamd__admin_password_with_salt }}" diff --git a/vars/main.yml b/vars/main.yml index 9fe4114..866c29f 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,6 +1,7 @@ --- # versionscheck -playbook_version_number: 6 # should be a integer +playbook_version_number: 7 # should be a integer playbook_version_path: 'do1jlr.rspamd.version' -_rspamd__admin_password: "{{ rspamd__admin_password | password_hash('bcrypt') }}" +# https://github.com/ansible/ansible/issues/36129 +rspamd__admin_password_with_salt: "{{ rspamd__admin_password | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:21] + ('Oeu' | shuffle(seed=inventory_hostname) | join)[1], rounds=9) }}"