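---
# Manage the Mosquitto password file and the ACL file.
#
# NOTE(review): the original indentation of this file was lost, so the scope
# of the trailing `become`/`become_user` pair had to be reconstructed. It is
# written explicitly on the user-management block and on the ACL task here,
# because the password file is created by root with mode 0600 and
# mosquitto_passwd has to modify it - confirm against the role.

- name: "Check if password file '{{ mosquitto_password_auth_file }}' exists"
  stat:
    path: "{{ mosquitto_password_auth_file }}"
  register: __mosquitto_passwd
  become: true
  become_user: root

# Only runs when the file is missing, so an existing password file is not
# touched. The mode is quoted so it reaches the module as the string "0600"
# instead of a YAML integer.
- name: Create password file if not exist
  file:
    path: "{{ mosquitto_password_auth_file }}"
    mode: "0600"
    state: touch
  become: true
  become_user: root
  when: not __mosquitto_passwd.stat.exists

# TODO: ugly workaround, move this to a custom module
- block:
    # `command` with `argv` passes every value as one argument and starts no
    # shell, so whitespace or shell metacharacters in a user name or password
    # are not interpreted (the previous `shell:` string interpolated them
    # unquoted).
    #
    # `-b` takes the password as a command-line argument: it is visible in the
    # process list of the managed host while the task runs. `no_log` only
    # keeps it out of Ansible's own output.
    #
    # The command runs on every play for each matching user and is always
    # reported as unchanged (`changed_when: false`).
    - name: Add users to password file
      command:
        argv:
          - mosquitto_passwd
          - "-b"
          - "{{ mosquitto_password_auth_file }}"
          - "{{ item.key }}"
          - "{{ item.value.password }}"
      with_dict: "{{ mosquitto_password_auth_users | default({}) }}"
      when: item.value.state == "present"
      changed_when: false
      no_log: true

    - name: Remove unnecessary users from password file
      command:
        argv:
          - mosquitto_passwd
          - "-D"
          - "{{ mosquitto_password_auth_file }}"
          - "{{ item.key }}"
      with_dict: "{{ mosquitto_password_auth_users | default({}) }}"
      when: item.value.state == "absent"
      changed_when: false
      no_log: true
  become: true
  become_user: root

# NOTE(review): this task loops over the user dict, so the template is
# rendered once per user and not at all when no users are defined. If
# aclfile.j2 does not reference `item`, the loop can be dropped - confirm
# against the template.
- name: "Create acl file at '{{ mosquitto_acl_file }}'"
  template:
    src: "etc/mosquitto/aclfile.j2"
    dest: "{{ mosquitto_acl_file }}"
    owner: root
    group: root
    mode: "0600"
  with_dict: "{{ mosquitto_password_auth_users | default({}) }}"
  when:
    - mosquitto_acl_enabled
    - mosquitto_acl
  become: true
  become_user: root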