On Saturday, 18 April 2015 19:20:32 UTC+2, Serge van Ginderachter wrote:
Hi Serge,
No. There is nothing in the api that allows this without an update to the
> core code.
> It is though something to consider, when we have a look at the inventory
> after 2.0.
>
Okay, thanks for confirming this.
The reason I have asked this question is that we're using ansible in pull
mode, with ansible running locally. This has the downside that all our
roles, group_vars and host_vars are downloaded onto every host, thereby
exposing some sensitive data to hosts that shouldn't see it. Naturally, we
cannot use the vault, because it requires password entry. And trying to
figure out the roles that a host needs also appears undoable.
I have figured out a simple way to built rsync filters, that ensure that a
pull-mode host only gets its own host_vars file, and group_vars files of
the groups it belongs to. This has solved the issue of variables.
However, roles are a different story. We have several roles for different
things, and many of these roles contain files that are only needed on one
or a small subset of hosts. I would like to distribute these files only to
the hosts that need them. This is the reason I asked my question.
For now, I have a work-around, that works, but is ugly. In my roles,
wherever I need to copy a file, I'm doing this:
copy: content='{{ file_content }}' dest=/path/to/dest
I'm keeping the entire file's content in a variable called "file_content"
in that host's host_vars file, or in a group_vars file if appropriate. For
lines of a few lines, this isn't bad. But files that are bigger look ugly
in a variable.
So if Ansible had the concept of host_files and group_files, with some kind
of "first found" logic, it would be really nice.
Regards,
Anand
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/aa244859-8064-45ed-bcab-eee242e7e095%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
