don't create users depending on OS #14

Merged
vincentvdk merged 14 commits from fix/13 into master 2018-10-21 01:36:24 +00:00
vincentvdk commented 2018-10-02 17:41:28 +00:00 (Migrated from github.com)

Added conditions so ubuntu user is not created on FreeBSD systems and ec2-user not on Ubuntu systems.
In the end I think we better import tasks based on OS because this will not scale in the future.

reelsense commented 2018-10-21 01:15:20 +00:00 (Migrated from github.com)

FIXED

ssh-config worked on Linux but not FreeBSD.

```
# BEGIN ANSIBLE MANAGED BLOCK
Host 10
    Hostname lab1
    RemoteForward /home/ubuntu/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
    RemoteForward /home/ubuntu/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
    ServerAliveInterval 10
    StreamLocalBindUnlink yes
Host freebsd
    Hostname lab3
    RemoteForward /home/ubuntu/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
    RemoteForward /home/ubuntu/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
    ServerAliveInterval 10
    StreamLocalBindUnlink yes
# END ANSIBLE MANAGED BLOCK
```

I had to append a FreeBSD section to roles/ssh-config/tasks/main.yml:

```yaml
- name: Configure ~/.ssh/config FreeBSD
  blockinfile:
    #path: "/home/{{ item.0.name  }}/.ssh/config"
    path: "/usr/home/{{ item.name  }}/.ssh/config"
    #owner: "{{ item.0.name }}"
    owner: "{{ item.name }}"
    #group: "{{ item.0.name }}"
    group: "{{ item.name }}"
    mode: 0600
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    content: |
      {% for host in groups['all'] -%}
      Host {{ hostvars[host]['ansible_hostname'] }}
          Hostname {{ hostvars[host]['inventory_hostname'] }}
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for item in item.ssh_config %}
          {{ item.line }}
      {% endfor %}
      {% endfor %}
  with_items:
    - "{{ users }}"
    - skip_missing: true
  when: item.ssh_config is defined and item.state == "present" and item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
```

But it still errors at Configure ~/.ssh/config FreeBSD:

```
Check if user has ~/.ssh/config | Debian/Ubuntu systems....
  lab1 ok
debug...
  lab1 ok
  lab3 ok
Create ~/.ssh/config when absent...
CHECK VARS...
  lab1 ok
  lab3 ok
Configure ~/.ssh/config...
  lab1 ok
Configure ~/.ssh/config FreeBSD...
  lab3 failed | msg: Path /home/ec2-user/.ssh/config does not exist !
  lab3 failed | msg: Path /home/user1/.ssh/config does not exist !
  lab3 failed

- Play recap -
  lab1                       : ok=20   changed=0    unreachable=0    failed=0
  lab3                       : ok=17   changed=0    unreachable=0    failed=1
```

Resolved by prepending a Check if user has ~/.ssh/config | FreeBSD systems section up top.

```yaml
- name: Check if user has ~/.ssh/config | FreeBSD systems.
  stat:
    path: "/home/{{ item.name }}/.ssh/config"
  with_items: "{{ users }}"
  register: sshconfig
  when: item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
```
reelsense (Migrated from github.com) approved these changes 2018-10-21 01:19:46 +00:00
reelsense (Migrated from github.com) commented 2018-10-21 01:02:00 +00:00

I had to append a FreeBSD section to roles/ssh-config/tasks/main.yml:

```yaml
- name: Configure ~/.ssh/config FreeBSD
  blockinfile:
    #path: "/home/{{ item.0.name  }}/.ssh/config"
    path: "/usr/home/{{ item.name  }}/.ssh/config"
    #owner: "{{ item.0.name }}"
    owner: "{{ item.name }}"
    #group: "{{ item.0.name }}"
    group: "{{ item.name }}"
    mode: 0600
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    content: |
      {% for host in groups['all'] -%}
      Host {{ hostvars[host]['ansible_hostname'] }}
          Hostname {{ hostvars[host]['inventory_hostname'] }}
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for item in item.ssh_config %}
          {{ item.line }}
      {% endfor %}
      {% endfor %}
  with_items:
    - "{{ users }}"
    - skip_missing: true
  when: item.ssh_config is defined and item.state == "present" and item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
```
reelsense (Migrated from github.com) commented 2018-10-21 01:12:04 +00:00

Resolved with adding a Check if user has ~/.ssh/config | FreeBSD systems section up top.

```yaml
- name: Check if user has ~/.ssh/config | FreeBSD systems.
  stat:
    path: "/home/{{ item.name }}/.ssh/config"
  with_items: "{{ users }}"
  register: sshconfig
  when: item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
```
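
An added example, not part of this pull request or the role's own tasks: one way to avoid a per-OS copy of each task is to read every account's home directory from the passwd database instead of hard-coding `/home` or `/usr/home`. It assumes the `users` list shape visible in the comments above and that `getent_passwd` is readable through `hostvars`; it sets `create: true` so `blockinfile` does not fail when `~/.ssh/config` is missing.

```yaml
# Added example (assumptions: `users` entries carry name, state and
# ssh_config[].line as in the output above; facts are visible via hostvars).

- name: Load the passwd database (sets the getent_passwd fact on each host)
  getent:
    database: passwd

- name: Ensure ~/.ssh exists and is owner-only
  file:
    # Field 4 of a getent_passwd entry is the home directory.
    path: "{{ getent_passwd[item.name][4] }}/.ssh"
    state: directory
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    mode: "0700"
  with_items: "{{ users }}"
  when:
    - item.state == "present"
    - item.ssh_config is defined
    - item.name in getent_passwd   # skip accounts this host does not have

- name: Configure ~/.ssh/config from the account's real home directory
  blockinfile:
    path: "{{ getent_passwd[item.name][4] }}/.ssh/config"
    create: true                   # default is false, which fails on a missing file
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    mode: "0600"
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    content: |
      {% for host in groups['all'] %}
      {% set remote = hostvars[host].getent_passwd | default({}) %}
      {% if item.name in remote %}
      Host {{ hostvars[host]['ansible_hostname'] }}
          Hostname {{ hostvars[host]['inventory_hostname'] }}
          RemoteForward {{ remote[item.name][4] }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
          RemoteForward {{ remote[item.name][4] }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for opt in item.ssh_config %}
          {{ opt.line }}
      {% endfor %}
      {% endif %}
      {% endfor %}
  with_items: "{{ users }}"
  when:
    - item.state == "present"
    - item.ssh_config is defined
    - item.name in getent_passwd
```

The remote side of each `RemoteForward` is taken from the target host's own passwd entry, so a `Host` block is only written for machines where the account exists and the forwarded agent socket lands in that account's actual home.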
Reference: stationgroup/ansible-experiments#14