Does that mean you'd recommend creating a "user" role, or that in my "haproxy" role I'd include user definitions? I'm not sure what the organization would look like.
Pete On Wednesday, June 25, 2014 5:15:37 PM UTC-7, Michael DeHaan wrote: > > I'll leave others to comment, but in the era of roles, a raw parameterized > include is becoming increasingly a rare thing. > > --Michael > > > > > On Wed, Jun 25, 2014 at 2:09 PM, Pete Emerson <[email protected] > <javascript:>> wrote: > >> I haven't seen the "right" way to organizer users, so here's my attempt, >> but it seems to me like it should be a bit simpler. >> >> https://gist.github.com/pete0emerson/ba331fd0defba6d2dd7c >> >> Why I organized things this way: >> >> 1) I want to only define users once, in one place (users.yaml) >> 2) I want to map groups of users in one place as well (user_groups.yaml) >> 3) I want the definition of a user to be in one place >> (user_definition.yaml) >> 4) Right now I'm saving usergroups for later (this is an MVP) >> 5) I'm saving *disabling* of users for later as well (in a pinch I can >> revoke their ssh key) >> >> Where I'd like some guidance: >> >> The playbook that I run (users_playbook.yaml) maps hosts to groups of >> users. But I currently specify the host group twice: >> >> - hosts: haproxy >> include: user_definition.yaml accounts_to_add=users_haproxy >> hosts=haproxy >> >> It seems strange to have the "- hosts: " section in both the >> users_playbook.yaml and the user_definition.yaml file, passing the host >> group from one to the other in a variable. Is there a nicer way to do this? >> >> Any other comments such as "this is a very un-Ansible way of organizing >> things, try it this way" et cetera are very welcome. I'd love to see a >> "best practices" document come to life centered around these sorts of >> things. >> >> Thanks, >> Pete >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/97ef96d3-e55c-491a-bb3e-9d7715a7e04d%40googlegroups.com >> >> <https://groups.google.com/d/msgid/ansible-project/97ef96d3-e55c-491a-bb3e-9d7715a7e04d%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5970173f-a793-415e-9c8e-d4f72355bda6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
