From 9381356e5d46ebae7b91fbaa642574e6a808a4fc Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Mon, 20 Dec 2021 18:20:40 +0100
Subject: [PATCH] create OBS user

---
 README.md              | 6 ++++++
 defaults/main.yml      | 2 +-
 tasks/ansible_user.yml | 2 +-
 tasks/main.yml         | 2 ++
 4 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 449e45a..4c0149b 100644
--- a/README.md
+++ b/README.md
@@ -4,3 +4,9 @@
 WINDOWS Ansible role to create a little base Setup for my Ansible Managed Windows 10 Enterprise Hosts
 
 ## Please not, this is my first windows role and highly experimental!
+
+ Requirements
+----------------
++ **Pass or gopass** is required to store passwords.
+  + See [ansible docs](https://docs.ansible.com/ansible/latest/collections/community/general/passwordstore_lookup.html)
+  + Have a password store setup. Either create a symlink from pass to gopass or use pass nativly.
diff --git a/defaults/main.yml b/defaults/main.yml
index 2531eff..0d98029 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,2 +1,2 @@
 ---
-win_base_init__ansible_password: ''
+win_base_init__pass_prefix: 'ansible/windows'
diff --git a/tasks/ansible_user.yml b/tasks/ansible_user.yml
index 9a01ad1..1726917 100644
--- a/tasks/ansible_user.yml
+++ b/tasks/ansible_user.yml
@@ -11,7 +11,7 @@
   ansible.windows.win_user:
     name: 'ansible'
     state: present
-    password:
+    password: "{{ lookup('community.general.passwordstore', win_base_init__pass_prefix + '/' + inventory_hostname + '/password create=true length=16 nosymbols=true')}}"
     account_disabled: false
     description: 'Account to run ansible commands at this WINDOWS host'
     groups_action: 'add'
diff --git a/tasks/main.yml b/tasks/main.yml
index 423d8f4..7c3b6ea 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,3 +1,5 @@
 ---
 - name: create Ansible Windows Group and User
   ansible.builtin.include_task: ansible_user.yml
+
+