Implement user password management in variables

- Add oracle_user_password and grid_user_password to group_vars/all.yml
- Update users_configuration.yml to use password variables instead of hardcoded hashes
- Enable centralized password management for system users
- Keep passwords as clear text variables (no encryption needed for this use case)

group_vars/all.yml

@@ -14,4 +14,8 @@ oracle_fra: "/u03/fast_recovery_area/"
 full_configuration: true
 secure_configuration: false
 
-scripts_dir: "/home/oracle/scripts"
+scripts_dir: "/home/oracle/scripts"
+
+# Mots de passe utilisateurs système (hashés pour /etc/shadow)
+oracle_user_password: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"
+grid_user_password: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"

roles/oracle-db-preinstall/tasks/users_configuration.yml

@@ -52,8 +52,8 @@
       update_password: on_create
       password: "{{ item.passwd }}"
     loop:
-    - { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"}
-    - { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"}
+       - { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "{{ oracle_user_password }}" }
+       - { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "{{ grid_user_password }}" }
     when: full_configuration |bool and item.username not in (user_facts.ansible_facts.getent_passwd | default({}))
     tags: user