ansible-collection-famedly-matrix/tasks/generate_secret.yml

---
- name: Set full file path
  set_fact:
    secret_file_path: "{{ matrix_synapse_secrets_path }}/{{ secret.file }}"

- name: Check if secret exists
  stat:
    path: "{{ secret_file_path }}"
  register: secret_file_stat

- name: Generate random string
  copy:
    content: "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=42') }}"
    dest: "{{ secret_file_path }}"
    owner: synapse
    group: synapse
    mode: "0600"
  when:
    - not secret_file_stat.stat.exists

- name: Retrieve secret
  slurp:
    src: "{{ secret_file_path }}"
  register: "{{ secret.var }}"