From d54fe7975c3cc59ab0399f5ce43528958d5a92a7 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Wed, 26 Aug 2020 20:24:08 +0300
Subject: [PATCH] Don't set password for root. Just lock account.

---
 playbooks/include/vm-create.yml | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/playbooks/include/vm-create.yml b/playbooks/include/vm-create.yml
index 3d3b120..eb43262 100644
--- a/playbooks/include/vm-create.yml
+++ b/playbooks/include/vm-create.yml
@@ -40,16 +40,10 @@
       delegate_to: localhost
       when: inventory_hostname not in result.list_vms
 
-    - name: generate root password
-      command: "/srv/ansible/scripts/genpasswd {{ inventory_hostname }}"
-      register: root_password
-      delegate_to: localhost
-      when: inventory_hostname not in result.list_vms
-
     - name: create inject file
       copy:
         content: |
-          rootpw --iscrypted {{ root_password.stdout }}
+          rootpw --lock
           %post
           umask 077
           mkdir -p /root/.ssh