From 1985da804305ae9719b0cac737cdd4cd8071a327 Mon Sep 17 00:00:00 2001
From: Vincent Van der Kussen
Date: Thu, 13 Sep 2018 07:50:32 +0200
Subject: [PATCH 1/2] Fix #11
---
 .../group_vars/all | 3 +-
 .../hosts | 6 +-
 .../roles/ssh-config/tasks/main.yml | 71 ++++++++++++++-----
 3 files changed, 57 insertions(+), 23 deletions(-)
diff --git a/add-users-groups-authorized_keys-dot-files/group_vars/all b/add-users-groups-authorized_keys-dot-files/group_vars/all
index 02bf11e..be5a4aa 100644
--- a/add-users-groups-authorized_keys-dot-files/group_vars/all
+++ b/add-users-groups-authorized_keys-dot-files/group_vars/all
@@ -35,7 +35,8 @@ users:
 #multiline
 state: absent
 ssh_config:
- - ServerAliveInterval: 10
+ - line: "ServerAliveInterval: 10"
+ - line: "Compression no"
 - name: test
 state: present
 keys:
diff --git a/add-users-groups-authorized_keys-dot-files/hosts b/add-users-groups-authorized_keys-dot-files/hosts
index 17d4bc8..a0967ee 100644
--- a/add-users-groups-authorized_keys-dot-files/hosts
+++ b/add-users-groups-authorized_keys-dot-files/hosts
@@ -1,3 +1,3 @@
-10.106.116.157 ssh_short_name=host1 ansible_user=root
-10.106.116.139 ssh_short_name=host2 ansible_user=root
-34.242.108.38 ssh_short_name=freebsd1 ansible_user=ec2-user ansible_python_interpreter=/usr/local/bin/python2.7
+10.106.116.157 ansible_user=root
+10.106.116.139 ansible_user=root
+#34.242.108.38 ssh_short_name=freebsd1 ansible_user=ec2-user ansible_python_interpreter=/usr/local/bin/python2.7
diff --git a/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml b/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
index ef8a5bf..bacf50a 100644
--- a/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
+++ b/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
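Review bot: In the `group_vars/all` hunk, `ServerAliveInterval: 10` is not valid ssh_config syntax, because a keyword and its argument are separated by whitespace or a single `=`, so the colon becomes part of the keyword. Since the role now writes each `line` verbatim into `~/.ssh/config`, ssh would be expected to reject the rendered file with a bad-configuration-option error. The entry should read `- line: "ServerAliveInterval 10"`, matching the `Compression no` entry added next to it. The entry appears to sit under a user with `state: absent` (the `users:` mapping starts outside the hunk), so it may never be rendered, but it is the example other entries will be copied from.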
@@ -19,27 +19,60 @@
 no_log: True
-- name: Configure ~/.ssh/config
- blockinfile:
- path: "/home/{{ item.0.name }}/.ssh/config"
- owner: "{{ item.0.name }}"
- group: "{{ item.0.name }}"
- mode: 0600
- marker: "# {mark} ANSIBLE MANAGED BLOCK"
- content: |
- {% for host in groups['all'] -%}
- Host {{ hostvars[host]['ssh_short_name'] }}
- Hostname {{ hostvars[host]['inventory_hostname'] }}
- RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
- RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
- {% for k,v in item.1.items() %}
- {% if k|lower != "host" and k|lower != "hostname" %}
- {{k}} {{v}}
- {% endif %}
- {% endfor %}
- {% endfor %}
+- name: CHECK VARS
+ debug:
+ msg: "{{ item.1 }}"
 with_subelements:
 - "{{ users }}"
 - ssh_config
 - skip_missing: true
 when: item.0.state == "present"
+
+- name: Configure ~/.ssh/config
+ blockinfile:
+ #path: "/home/{{ item.0.name }}/.ssh/config"
+ path: "/home/{{ item.name }}/.ssh/config"
+ #owner: "{{ item.0.name }}"
+ owner: "{{ item.name }}"
+ #group: "{{ item.0.name }}"
+ group: "{{ item.name }}"
+ mode: 0600
+ marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ content: |
+ {% for host in groups['all'] -%}
+ Host {{ hostvars[host]['ansible_hostname'] }}
+ Hostname {{ hostvars[host]['inventory_hostname'] }}
+ RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
+ RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
+ {% for item in item.ssh_config %}
+ {{ item.line }}
+ {% endfor %}
+ {% endfor %}
+ with_items:
+ - "{{ users }}"
+ - skip_missing: true
+ when: item.ssh_config is defined and item.state == "present"
+
+#- name: Configure ~/.ssh/config
+# blockinfile:
+# path: "/home/{{ item.0.name }}/.ssh/config"
+# owner: "{{ item.0.name }}"
+# group: "{{ item.0.name }}"
+# mode: 0600
+# marker: "# {mark} ANSIBLE MANAGED BLOCK"
+# content: |
+# {% for host in groups['all'] -%}
+# Host {{ hostvars[host]['ssh_short_name'] }}
+# Hostname {{ hostvars[host]['inventory_hostname'] }}
+# RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
+# RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
+# {% for k,v in item.1.items() %}
+# {% if k|lower != "host" and k|lower != "hostname" %}
+# {{k}} {{v}}
+# {% endif %}
+# {% endfor %}
+# {% endfor %}
+# with_dict:
+# - "{{ users }}"
+# - skip_missing: true
+# when: item.0.state == "present"
--
2.44.2
From 9e5b35532653a8792701796e4336a9e3401f9943 Mon Sep 17 00:00:00 2001
From: Vincent Van der Kussen
Date: Thu, 13 Sep 2018 08:48:34 +0200
Subject: [PATCH 2/2] remove comment block
---
 .../roles/ssh-config/tasks/main.yml | 23 -------------------
 1 file changed, 23 deletions(-)
diff --git a/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml b/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
index bacf50a..2b22aea 100644
--- a/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
+++ b/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml
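Review bot: The rewritten `content` template in the new `Configure ~/.ssh/config` task writes every `item.line` verbatim and no longer drops `Host`/`Hostname` entries the way the removed `k|lower != "host"` test did, so a `Host` or `Match` line in a user's `ssh_config` would end the generated block and re-scope every directive written after it. An equivalent guard can be kept in the loop header, for example `{% for entry in item.ssh_config if (entry.line.split() | first | default('') | lower) not in ['host', 'hostname', 'match'] %}` with `{{ entry.line }}` in the body, which also stops the inner loop from shadowing the task's own `item`. Separately, `skip_missing: true` is a `with_subelements` option; under `with_items` it is just a second list element (a dict) that is skipped only because the `when:` test fails for it, so `- skip_missing: true` should be dropped from this task. The `CHECK VARS` debug task looks like leftover troubleshooting output and could be removed or given `no_log: True` like the task before it, which starts outside the hunk.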
@@ -53,26 +53,3 @@
 - skip_missing: true
 when: item.ssh_config is defined and item.state == "present"
-#- name: Configure ~/.ssh/config
-# blockinfile:
-# path: "/home/{{ item.0.name }}/.ssh/config"
-# owner: "{{ item.0.name }}"
-# group: "{{ item.0.name }}"
-# mode: 0600
-# marker: "# {mark} ANSIBLE MANAGED BLOCK"
-# content: |
-# {% for host in groups['all'] -%}
-# Host {{ hostvars[host]['ssh_short_name'] }}
-# Hostname {{ hostvars[host]['inventory_hostname'] }}
-# RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
-# RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
-# {% for k,v in item.1.items() %}
-# {% if k|lower != "host" and k|lower != "hostname" %}
-# {{k}} {{v}}
-# {% endif %}
-# {% endfor %}
-# {% endfor %}
-# with_dict:
-# - "{{ users }}"
-# - skip_missing: true
-# when: item.0.state == "present"
--
2.44.2