Hi,
that explains it. When is part of task, it cannot be used i variables (i
guess).
In this specific case you do not need at all, just define something like:
sudo_group: "{% if ansible_family == 'RedHat' %}wheel{% else %}sudo{% endif
%}"
in your host_vars, or main.yml in role vars/defaults.
Than just user sudo_group in task.
David
2014-09-04 9:07 GMT+02:00 John Ross Tasipit <[email protected]>:
> Yes I forgot to mention, I'm aware that it is a variable definition. The
> task was located in roles/users/tasks/main.yml which contains:
>
> ---
> - name: Per-user group creation
> group: name="{{item.username}}" gid="{{item.uid}}"
> with_items: users
> when: users_create_per_user_group
> tags: ['users','configuration']
>
> - name: User creation
> user: name="{{item.username}}"
> group="{{item.username if users_create_per_user_group
> else users_group}}"
> groups="{{item.groups | join(',')}}"
> shell={{item.shell if item.shell is defined else
> users_default_shell}}
> comment="{{item.name}}"
> uid="{{item.uid}}"
> createhome="{{'yes' if users_create_homedirs else 'no'}}"
> with_items: users
> tags: ['users','configuration']
>
> - name: SSH keys
> authorized_key: user="{{item.0.username}}" key="{{item.1}}"
> with_subelements:
> - users
> - ssh_key
> tags: ['users','configuration']
>
> - name: Deleted user removal
> user: name="{{item.username}}" state=absent
> with_items: users_deleted
> tags: ['users','configuration']
>
> - name: Deleted per-user group removal
> group: name="{{item.username}}" state=absent
> with_items: users_deleted
> when: users_create_per_user_group
> tags: ['users','configuration']
>
>
>
>
>
> On Thursday, September 4, 2014 3:01:50 PM UTC+8, David Karban wrote:
>
>> Hi John,
>>
>> it does not seem like a task, more like variable definition. For example,
>> user module does not have username param, name is used for user name, where
>> you are defining real name.
>>
>> For examples how to use user module look here:
>> http://docs.ansible.com/user_module.html#examples
>>
>> David
>>
>>
>>
>>
>>
>> 2014-09-04 3:46 GMT+02:00 John Ross Tasipit <[email protected]>:
>>
>>> On Wednesday, September 3, 2014 7:36:40 PM UTC+8, Michael DeHaan wrote:
>>>>
>>>> In your second example, is this a task, or is this a data definition?
>>>> I can't tell because there is not a module named "username" and once again
>>>> your indentation is all messed up :)
>>>>
>>>> *Sorry I pasted it wrong (for unknown cause), here is the correct one:*
>>> ---
>>> # Create a group for every user and make that their primary group
>>> users_create_per_user_group: true
>>> # If we're not creating a per-user group, then this is the group all
>>> users
>>> # belong to
>>> users_group: users
>>> # The default shell for a user if none is specified
>>> users_default_shell: /bin/bash
>>> # Create home dirs for new users? Set this to false if you manage home
>>> # directories in some other way.
>>> users_create_homedirs: true
>>>
>>> users:
>>> - username: John
>>> name: John Ross
>>> groups: ['sudo']
>>> uid: 1001
>>> *when: ansible_os_family == "Debian"*
>>> ssh_key:
>>>
>>> - "ssh-dss AAAAB3N...Enter code here...
>>>
>>> - username: John
>>> name: John Ross
>>> groups: ['wheel']
>>> uid: 1001
>>> *when: ansible_os_family == "RedHat"*
>>> ssh_key:
>>> - "ssh-dss AAAAB3N...
>>> *This is a task, revision of my first example.*
>>>
>>> If this is your first ansible task, let me know and I can point you to
>>>> the proper documentation sections, if not, please take a critical eye to
>>>> how it looks relative to your other tasks and it should be easy to spot.
>>>>
>>>> *Yes its my first ansible task (could you teach me what maGIC DID YOU
>>> USED TO KNOW THAT!!!)*
>>>
>>> Again, in failure scenarios, it's helpful to post the error message. I
>>>> suspect it's not only "not skipping", but the module is telling you what's
>>>> wrong.
>>>>
>>>> *Yes I will post error message next time *
>>>
>>>>
>>>>
>>>>
>>>> On Wed, Sep 3, 2014 at 7:35 AM, Michael DeHaan <[email protected]>
>>>> wrote:
>>>>
>>>>> In your first example, you can't stick a "when:" twice in a single
>>>>> task.
>>>>>
>>>>> You can feed it a list of multiple conditionals, but I think your
>>>>> problem is you are missing a "-" to seperate two different tasks.
>>>>>
>>>>> However, in the text below, there are other questions and problems,
>>>>> such as "username" vs "user", which I suspect selects a module, and other
>>>>> duplicated fields, like "groups".
>>>>>
>>>>> Another problem is the when is indented and not at "task" level,
>>>>> though the module should yell to you about being sent a parameter it
>>>>> doesn't know about.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Sep 2, 2014 at 11:52 PM, John Ross Tasipit <[email protected]
>>>>> > wrote:
>>>>>
>>>>>> Sorry for the mistype, on 2nd highlighted code syntax, below is the
>>>>>> correct one:
>>>>>>
>>>>>>
>>>>>> On Wednesday, September 3, 2014 11:45:32 AM UTC+8, John Ross Tasipit
>>>>>> wrote:
>>>>>>>
>>>>>>> # The default shell for a user if none is specified
>>>>>>> users_default_shell: /bin/bash
>>>>>>> # Create home dirs for new users? Set this to false if you manage
>>>>>>> home
>>>>>>> # directories in some other way.
>>>>>>> users_create_homedirs: true
>>>>>>>
>>>>>>> # Lists of users to create and delete
>>>>>>> users:
>>>>>>> - username: username
>>>>>>> name: full_name_of_user
>>>>>>> groups: ['sudo']
>>>>>>> *when: ansible_os_family == "Debian"*
>>>>>>> groups: ['wheel']
>>>>>>> *when: ansible_os_family == "RedHat"*
>>>>>>> uid: 2001
>>>>>>> ssh_key:
>>>>>>> - "ssh-dss AAAAB3N...Enter code here...
>>>>>>>
>>>>>>> When conditionals not skipping "RedHat" tasks using the above
>>>>>>> roles/users/default/main.yml syntax, which is for an ubuntu system
>>>>>>>
>>>>>>> I also tried doing this:
>>>>>>>
>>>>>>>
>>>>>> # The default shell for a user if none is specified
>>>>>>> users_default_shell: /bin/bash
>>>>>>> # Create home dirs for new users? Set this to false if you manage
>>>>>>> home
>>>>>>> # directories in some other way.
>>>>>>> users_create_homedirs: true
>>>>>>>
>>>>>>> # Lists of users to create and delete
>>>>>>> users:
>>>>>>> - username: username
>>>>>>> name: full_name_of_user
>>>>>>> groups: ['sudo']
>>>>>>>
>>>>>>> uid: 1001
>>>>>>> *when: ansible_os_family == "Debian"*
>>>>>>> ssh_key:
>>>>>>>
>>>>>>> - "ssh-dss AAAAB3N...Enter code here...
>>>>>>>
>>>>>>> - username: same_as_above_username
>>>>>>> name: full_name_of_user
>>>>>>> groups: ['wheel']
>>>>>>> uid: 1001
>>>>>>> *when: ansible_os_family == "RedHat"*
>>>>>>> ssh_key:
>>>>>>> - "ssh-dss AAAAB3N...
>>>>>>>
>>>>>>>
>>>>>>> ... but still not skipping "redhat" tasks
>>>>>>>
>>>>>>> Hope someone can help. TIA
>>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Ansible Project" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>> To post to this group, send email to [email protected].
>>>>>> To view this discussion on the web visit https://groups.google.com/d/
>>>>>> msgid/ansible-project/076420b3-8abc-40e7-9d1e-0c5c186cd650%
>>>>>> 40googlegroups.com
>>>>>> <https://groups.google.com/d/msgid/ansible-project/076420b3-8abc-40e7-9d1e-0c5c186cd650%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>> .
>>>>>>
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>
>>>>>
>>>>>
>>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To post to this group, send email to [email protected].
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/74633885-9860-45cc-b848-
>>> 134d30ea8d61%40googlegroups.com
>>> <https://groups.google.com/d/msgid/ansible-project/74633885-9860-45cc-b848-134d30ea8d61%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>>
>> --
>> David Karban
>> Specialista na správu linuxových serverů
>> www.karban.eu
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/95636bc8-c98e-4730-91a2-64c9a66261fe%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/95636bc8-c98e-4730-91a2-64c9a66261fe%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
> For more options, visit https://groups.google.com/d/optout.
>
--
David Karban
Specialista na správu linuxových serverů
www.karban.eu
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAOBFM94cog-qo8u1%2BxaVfeinr%2B%3D2JHArxwUafOBiQ96aKtHq4w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
