diff --git a/ansible.cfg.script b/ansible.cfg.script index e43528744bea536e2b8a07312949fd457b1e489a..21dcbd50a9394079edaf14437448011ffeabead8 100644 --- a/ansible.cfg.script +++ b/ansible.cfg.script @@ -140,7 +140,7 @@ callback_whitelist = timer, profile_tasks # If set, configures the path to the Vault password file as an alternative to # specifying --vault-password-file on the command line. -vault_password_file = ./vault/passwords +#vault_password_file = ./vault/passwords # format of string {{ ansible_managed }} available within Jinja2 # templates indicates to users editing templates files will be replaced. diff --git a/roles/user-provisioning/user-provisioning/tasks/main.yml b/roles/user-provisioning/user-provisioning/tasks/main.yml index f2fe29c265d8169d96de103238c929eab7534ed8..a9228706eb62087987da1aa9eb8b4cb0e0cdd2b7 100644 --- a/roles/user-provisioning/user-provisioning/tasks/main.yml +++ b/roles/user-provisioning/user-provisioning/tasks/main.yml @@ -33,11 +33,6 @@ include_tasks: default-user.yml when: remove_default_user -- name: Set the root password - user: - name: root - password: "{{ root_password_hash }}" - - name: Restrict SSH root access block: - name: Remove root SSH keys if some are present