From 07f2b3cd4ebcabc6606bdd18623c6da980780953 Mon Sep 17 00:00:00 2001
From: Aaron Guise <Aaron.Guise@ultrafast.co.nz>
Date: Thu, 2 Apr 2020 09:48:08 +1300
Subject: [PATCH] Set no_log for duo configuration (secret)

---
 tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tasks/main.yml b/tasks/main.yml
index 9985206..b9a2549 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,6 +14,7 @@
 #   fail:
 #     msg: "ikey should not be 'someikey' see defaults/main.yml"
 #   when: 
+
 - name: Ensure Duo configuration in place
   ini_file: 
     path: /etc/duo/pam_duo.conf
@@ -21,6 +22,7 @@
     option: "{{ item.key }}"
     value: "{{ item.value }}"
   with_items: "{{ auth_duo_settings }}"
+  no_log: true
 
 - name: Ensure PAM for SSH is configured with duo MFA
   copy: