Password generation

[cimbalo]

Instead of using library/gen_passwd.py we can generate a password using lookup

- name: read password
  set_fact:
    password: "{{ lookup('password') }}"

Then save it to a remote file using shell and echo redirection and after read the file with shell and cat command (or we can find better option than using shell module).

[edoput]

A little more context lookup. It generate a random password and save it to a file on the remote local

- name:  assign password
  set_fact:
    password: "{{ lookup('password', '/path/to/local/file') }}"

the use the password variable in our playbook. If the file does not exist it creates a password and fill the file, otherwise it reads the password from the file.

Edit: the file is local not remote

[edoput]

Right now we are generating a password every time we connect, this is because we can change it without restriction. I would like to keep it this way because storing password in a local file means another level of syncronisation (between us, the humans) . I can't execute the same playbook A on machine vm_A unless you share the password file.

[cimbalo]

I wrote a sample idempot task to read or generate a password on the remote.

Note:
Require the password file path (variable password_path) and set the variable password as result.
Still use library/gen_passwd.py because lookup password fail if no path is supplied.