From 056c5530a2db31e5d36e69f6b6c26ea86c8aa8a2 Mon Sep 17 00:00:00 2001
From: Olivier <olivier@raspot.in>
Date: Tue, 19 May 2026 06:57:40 +0200
Subject: [PATCH] first commit

---
 .gitignore                    | 28 ++++++++++++++++++++++++++++
 ansible.cfg                   |  8 ++++++++
 group_vars/all.yml            |  3 +++
 inventories/hosts.yml         | 17 +++++++++++++++++
 playbooks/change_password.yml | 30 ++++++++++++++++++++++++++++++
 5 files changed, 86 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 ansible.cfg
 create mode 100644 group_vars/all.yml
 create mode 100644 inventories/hosts.yml
 create mode 100644 playbooks/change_password.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..62b8878
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,28 @@
+# Ansible runtime files
+*.retry
+.ansible/
+
+# Local secret files
+*.vault
+*.secret
+*.secrets
+vault.yml
+secrets.yml
+AGENTS.md
+
+# Python caches
+__pycache__/
+*.py[cod]
+
+# Editor and OS files
+.DS_Store
+Thumbs.db
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# Local environment files
+.env
+.env.*
+!.env.example
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..ce741ae
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,8 @@
+[defaults]
+inventory = inventories/hosts.yml
+host_key_checking = True
+retry_files_enabled = False
+
+[privilege_escalation]
+become = True
+become_method = sudo
diff --git a/group_vars/all.yml b/group_vars/all.yml
new file mode 100644
index 0000000..dd110be
--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1,3 @@
+---
+# Shared variables are currently defined in inventories/hosts.yml under all.vars
+# so they are always loaded with the selected inventory.
diff --git a/inventories/hosts.yml b/inventories/hosts.yml
new file mode 100644
index 0000000..d41ec72
--- /dev/null
+++ b/inventories/hosts.yml
@@ -0,0 +1,17 @@
+---
+all:
+  vars:
+    ansible_user: olivier
+    password_target_user: olivier
+
+  children:
+    test:
+      hosts:
+        srv-docker-lab-01.maison.bro:
+          ansible_ssh_private_key_file: ~/.ssh/id_ed25519
+
+    linux_servers:
+      hosts:
+        server-1:
+        server-2:
+          ansible_host: 192.0.2.12
diff --git a/playbooks/change_password.yml b/playbooks/change_password.yml
new file mode 100644
index 0000000..a71c122
--- /dev/null
+++ b/playbooks/change_password.yml
@@ -0,0 +1,30 @@
+---
+- name: Change account password
+  hosts: all
+  gather_facts: false
+  become: true
+
+  vars:
+    target_account_name: >-
+      {{ password_target_user | default(ansible_user, true) }}
+
+  vars_prompt:
+    - name: new_account_password
+      prompt: New password for the target account
+      private: true
+      confirm: true
+
+  pre_tasks:
+    - name: Validate target user
+      ansible.builtin.assert:
+        that:
+          - target_account_name is defined
+          - target_account_name | length > 0
+        fail_msg: "Set password_target_user or ansible_user for each host."
+
+  tasks:
+    - name: Update password for target account
+      ansible.builtin.command:
+        cmd: chpasswd
+        stdin: "{{ target_account_name }}:{{ new_account_password }}"
+      no_log: true