Implement clear text passwords with automatic hashing

- Change passwords in group_vars/all.yml to clear text (Oracle123, Grid123)
- Use password_hash('sha512') filter in users_configuration.yml for automatic hashing
- Maintain same security level but with more readable and maintainable passwords
- Passwords are hashed automatically during playbook execution

group_vars/all.yml

@@ -16,6 +16,6 @@ secure_configuration: false
 
 scripts_dir: "/home/oracle/scripts"
 
-# Mots de passe utilisateurs système (hashés pour /etc/shadow)
+# Mots de passe utilisateurs système (en clair - seront hashés automatiquement)
-oracle_user_password: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"
+oracle_user_password: "Oracle123"
-grid_user_password: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"
+grid_user_password: "Grid123"

roles/oracle-db-preinstall/tasks/users_configuration.yml

@@ -52,8 +52,8 @@
       update_password: on_create
       password: "{{ item.passwd }}"
     loop:
-       - { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "{{ oracle_user_password }}" }
+       - { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "{{ oracle_user_password | password_hash('sha512') }}" }
-       - { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "{{ grid_user_password }}" }
+       - { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "{{ grid_user_password | password_hash('sha512') }}" }
     when: full_configuration |bool and item.username not in (user_facts.ansible_facts.getent_passwd | default({}))
     tags: user