Good evening all!
I am new to Ansible (only 2 days in), but am quite excited by the prospects.
I have a laundry list of questions but I figured it'd be best to separate
them into multiple posts to help people searching these lists in the future.
The first question is:....
- After much searching, I found an archived exchange that points out a way
to have a list of users in a group_vars/xxxx.yaml file, and then in a
"add_users.yaml" playbook, do something like the following:
>
>
>
>
>
>
>
>
>
> * 1 --- 2 - hosts: all 3 vars_files: 4 -
> /etc/ansible/group_vars/[some-group-name-goes-here]/users.yaml 5 tasks:
> 6 - name: Create user. 7 user: home=/home/{{ item }} name={{ item }}
> shell=/bin/bash state=present 8 with_items: users 9 - name: copy
> per-user ssh key (authorized_keys2) to the destination server 10
> action: copy src=/usr/share/ansible/files/ssh/{{ item }}/authorized_keys2
> dest=/home/{{ item }}/.ssh/authorized_keys2 mode=755 11 with_items:
> users*
>
This works quite well (thank to to whomever it was who posted that
solution). However, I personally don't like the idea of having to maintain
multiple files of users per group/pattern. What I'd like to be able to do,
is the same way I have 1 hosts file (/etc/ansible/hosts) that has *all* of
my hosts and groups in one nicely organized file, I would like to have one
giant users.yaml which has different groups of users (ie: one for the
database boxes, one for the staging boxes, one for the production boxes,
etc.)
Perhaps I'm thinking of this the wrong way, but it seems like something
that should be easy to do. This is kind of a "global variable" concept,
I'd just like to centralize the management of this.
Any thoughts on the syntax to properly do this? Thanks!!! :o)
>
>
>
>
>
>
>
> *$ cat
> /etc/ansible/group_vars/[some-group-name-goes-here]/users.yamlusers: -
> user1 - user2 - user3group_name: - users*
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
