Try using with_subelements
https://docs.ansible.com/ansible/playbooks_loops.html#looping-over-subelements
and change the structure. Something like :
ssh_authorized_keys:
- root:
- foo
- other_user:
- bar
- baz
On Thursday, 7 January 2016 16:53:51 UTC+5:30, cmacrae wrote:
>
> Hi all,
>
> Further misunderstandings on my part for iterating over varied YAML
> structures, but here's the deal:
> I'm writing a super tiny role with the intent of dynamically deploying any
> authorized_keys defined in a host/group's vars.
> That is to say, I need a task that will deploy keys to varied users, and
> the keys all need to be exclusive.
>
> The use of files or templates will not suffice in this case - this needs
> to be scalable and in a sane structure.
>
> Right now here's the approach I'm taking.
> I have my keys defined like so:
> ---
> ssh_authorized_keys:
> root:
> keys:
> - user1: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvVO3ULx8fNGgInHCFQV6q/
> gEARBWyS9eA1qRaTEu4njawEjiqSGFHgPuvmgtKlft2MqbnCG3cokFKRAEOZEzy+
> gUMES8IQEHuSsJuZFnlUC4yzm1mI1OjJk9PwTLDD6OGJDL1gIkz37CYITbsaufS6gFrpoMBZhkVcVKk0JBnmGF
> /
> QZUD1uHKFLMtyVwvw8pzWcBcAYBBw5O6hjo2pRIX100bCdMxDrXwFp4yFiJPG6LCya4701whZpqgwk3j
> /RakJdZLA3pgAlVPZswz8ezj2U5PIYJi+LrUaPE57Zr/
> eVwNnBE7QPsKCCurIy1bLR0KXiqOmUzdzWDphYCelRurM== user1
> other_user:
> keys:
> - user2: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvVO3ULx8fNGgInHCFQV6q/
> gEARBWyS9eA1qRaTEu4njawEjiqSGFHgPuvmgtKlft2MqbnCG3cokFKRAEOZEzy+
> gUMES8IQEHuSsJuZFnlUC4yzm1mI1OjJk9PwTLDD9OGJDL1gIkm37CYITbsagfS6gFrpoMBZhkVcVKk0JBnmwF
> /
> QZUD1uHKFLMtyVwvw8pzWcBcAYBBw5O6hjo2pRIX100bCdMxDrXwFp4yFiJPG6LCya4701whZpqgwk3d
> /RakJdZLA3pgAlVPZswz8ezj2U5PIYJl+LrUaPE57ZR/
> eVwNnBE7QPsKCCurIy1bLR0KXiqOmUzdzWDphYCelRurQ== user2
> - user3: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAgkLcC/
> o1aDxaXFJdyTMhlF4UiwNO/tdQf6EIYJzikSBNKECBjmvrM6bNaIkWA/
> AzB2dgTS0mug2aVomsBeyN8gAGfV/
> Wi3bO1kXuI23BmkPUn36OgE5ppQ0O2Gp8VjJaffV9EiYeEY/QlwnshAS7gfDPeTO+
> u5f0ZP0TZw29m+F3CKIJWPruDJJvXMkyc5qokh5kUpm0GYlhGyDi596st3Gsh/9LF/
> I2sEJH3LTP0gs0bWjbHN9XcIw8gbPT50zNZvqv9FGvgsMCErYC5lwPVN1670cpOpqLYV4PgU77t751CE9RsmASeB6Elwh0pAKlfxzITBx4W6aVxkl8Utlblw
> == user3
>
>
> As you can see, the structure includes a key named after the user that I
> want to deploy the keys to (shown above as 'root' and 'other_user').
> Then, there's a sub key, with a list as it's value called keys (this isn't
> necessarily imperative, it just helped with my thinking of iteration).
> The list is then structured showing the name of the user the key belongs
> to, with a value of the actual public key.
>
> Here's the task I'm attempting to deploy these keys with (this doesn't
> work!).
> Hopefully it conveys my thinking/approach:
> ---
> - name: "Ensure any defined authorized_keys are deployed"
> authorized_key:
> user: "{{ item.key }}"
> manage_dir: yes
> exclusive: yes
> key: |
> {% for users in item.value.keys %}
> {% for _, pubkey in users.items() %}
> {{ pubkey }}
> {% endfor %}
> {% endfor %}
> with_dict: ssh_authorized_keys
>
> I've successfully deployed multiple, exclusive authorized_keys using a
> similar structure and approach, the only lacking functionality being the
> ability to dynamically define the 'user' key, which is the most important
> part!
>
> I'd really appreciate anyone's feedback on this, it's driving me a little
> crazy!
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/80fc21ea-30ee-48c3-ba93-6ff03f8083ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
