Hello, I have developed a role that uses group_vars/all (usually) and very defined scope. Manage access to root user in several machines[1].
While developing it, I have realized that when I specify a site.yml like the one in the gist, I (txomon) wouldn't have access to others host group. The reason is because all is run first, and gives me access to all the computers, and then, others' task is run, which give access to test user and leaves me out. I have explored a little with hash_behaviour config parameter, but doesn't seem to work as I expected. I am accustomed to Puppet's hiera, which you can go overriding level by level, but I am unable to reproduce this behaviour with ansible. My questions are: 1.- How can I have sysadmins get access to all computers and development just in the others ones, without having to explicitly write sysadmins in all the hosts? 2.- Is there any way I can override variables to create hiera-like behaviour? 3.- Do you know any better role to control exactly who has ssh access? Cheers, Javier Domingo Cansino [1] User management role: https://gist.github.com/txomon/a3afe985672358927406 -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3899045c-cc2d-4a19-b940-48e75627241c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
