Actually, looking through the code I believe you're correct. Setting the
option for -i again *might* work (assuming the rsync command will override
the setting with the second value, instead of throwing an error), however I
think using the rsync command directly is what you want anyway, as you said
the rsync is for a remote -> remote copy. The synchronize module will only
push or pull the file from or to the remote host and the Ansible controller
normally - there is no option to do a completely remote rsync. I'm kind of
surprised that using the delegate_to option makes it kind of work this way
at all.

On Mon, Feb 9, 2015 at 7:45 PM, Michael Spiegle <[email protected]>
wrote:

> I looked at the module code and it seemed like it would automatically add
> the key if it was being used.  I ended up running rsync directly using the
> command module and it seems to be working now.
>
> Looking at the rsync_opts argument, it seems like it will only append to
> the existing arguments, not change any existing arguments.  Did this work
> for you?
>
> On Monday, February 9, 2015 at 8:37:09 PM UTC-5, James Cammarata wrote:
>>
>> Hi Michael, have you tried setting the key option via the rsync_opts
>> and/or rsync_path parameters to synchronize module?
>>
>> On Sat, Feb 7, 2015 at 10:05 AM, Michael Spiegle <
>> [email protected]> wrote:
>>
>>> I have a simple task to copy a file from one path to another on a remote
>>> host.  I need a private key to SSH into the remote host, but the
>>> synchronize module automatically uses my private key in the rsync command
>>> too which seems unnecessary:
>>>
>>> ansible-playbook --private-key=keys/mykey.pem playbook.yml --tags=
>>> 'main,role-timezone-set-localtime' -vvvv
>>>
>>> ... some ansible output ...
>>> TASK: [timezone | set /etc/localtime to UTC]
>>> **********************************
>>> (redacted output)
>>>
>>> failed: [remote_machine -> remote_machine] => {"cmd": "rsync
>>> --delay-updates -FF --compress --checksum --archive --rsh 'ssh -i
>>> keys/mykey.pem -S none -o StrictHostKeyChecking=no'
>>> --out-format='<<CHANGED>>%i %n%L' \"[email protected]:/usr/share/zoneinfo/UTC\"
>>> \"/etc/localtime\"", "failed": true, "rc": 255}
>>>
>>> msg: Warning: Identity file keys/mykey.pem not accessible: No such file
>>> or directory.
>>> ssh: connect to host 1.2.3.4 port 22: Connection timed out
>>> rsync: connection unexpectedly closed (0 bytes received so far) [
>>> Receiver]
>>> rsync error: unexplained error (code 255) at io.c(605) [Receiver=3.0.9]
>>>
>>> In the above, you can see that the rsync process running on the remote
>>> machine is trying to use an ssh private key to log into itself, but that
>>> key only exists on my laptop where I'm running Ansible from.  Here's what
>>> my task looks like (I tried nulling the private_key to no avail):
>>>
>>> - name: set /etc/localtime to {{timezone}}
>>>
>>>  synchronize:
>>>
>>>    src: "{{tzfile}}"
>>>
>>>    dest: /etc/localtime
>>>
>>>    mode: pull
>>>
>>>    times: yes
>>>
>>>    checksum: yes
>>>
>>>    private_key: ""
>>>
>>>  delegate_to: "{{inventory_hostname}}"
>>>
>>>  tags: role-timezone-set-localtime
>>>
>>>
>>>  --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To post to this group, send email to [email protected].
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/2d473d23-d164-4fc1-9b3a-
>>> 5d051e179836%40googlegroups.com
>>> <https://groups.google.com/d/msgid/ansible-project/2d473d23-d164-4fc1-9b3a-5d051e179836%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1ebada87-76b4-4a23-bdd9-5eb40a65405b%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/1ebada87-76b4-4a23-bdd9-5eb40a65405b%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFi5NPce8wPWv5t02Ui41wA2J9Ci1mdXM-uFO4dDwEz1gw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to