Awesome, thanks Raghu! This definitely looks like the right approach. I'll try this out and report back how I get on.
On Monday, 11 January 2016 18:36:21 UTC, Raghu Udiyar wrote: > > Try using with_subelements > https://docs.ansible.com/ansible/playbooks_loops.html#looping-over-subelements > > and change the structure. Something like : > > ssh_authorized_keys: > - root: > - foo > - other_user: > - bar > - baz > > > > On Thursday, 7 January 2016 16:53:51 UTC+5:30, cmacrae wrote: >> >> Hi all, >> >> Further misunderstandings on my part for iterating over varied YAML >> structures, but here's the deal: >> I'm writing a super tiny role with the intent of dynamically deploying >> any authorized_keys defined in a host/group's vars. >> That is to say, I need a task that will deploy keys to varied users, and >> the keys all need to be exclusive. >> >> The use of files or templates will not suffice in this case - this needs >> to be scalable and in a sane structure. >> >> Right now here's the approach I'm taking. >> I have my keys defined like so: >> --- >> ssh_authorized_keys: >> root: >> keys: >> - user1: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvVO3ULx8fNGgInHCFQV6q/ >> gEARBWyS9eA1qRaTEu4njawEjiqSGFHgPuvmgtKlft2MqbnCG3cokFKRAEOZEzy+ >> gUMES8IQEHuSsJuZFnlUC4yzm1mI1OjJk9PwTLDD6OGJDL1gIkz37CYITbsaufS6gFrpoMBZhkVcVKk0JBnmGF >> / >> QZUD1uHKFLMtyVwvw8pzWcBcAYBBw5O6hjo2pRIX100bCdMxDrXwFp4yFiJPG6LCya4701whZpqgwk3j >> /RakJdZLA3pgAlVPZswz8ezj2U5PIYJi+LrUaPE57Zr/ >> eVwNnBE7QPsKCCurIy1bLR0KXiqOmUzdzWDphYCelRurM== user1 >> other_user: >> keys: >> - user2: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvVO3ULx8fNGgInHCFQV6q/ >> gEARBWyS9eA1qRaTEu4njawEjiqSGFHgPuvmgtKlft2MqbnCG3cokFKRAEOZEzy+ >> gUMES8IQEHuSsJuZFnlUC4yzm1mI1OjJk9PwTLDD9OGJDL1gIkm37CYITbsagfS6gFrpoMBZhkVcVKk0JBnmwF >> / >> QZUD1uHKFLMtyVwvw8pzWcBcAYBBw5O6hjo2pRIX100bCdMxDrXwFp4yFiJPG6LCya4701whZpqgwk3d >> /RakJdZLA3pgAlVPZswz8ezj2U5PIYJl+LrUaPE57ZR/ >> eVwNnBE7QPsKCCurIy1bLR0KXiqOmUzdzWDphYCelRurQ== user2 >> - user3: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAgkLcC/ >> o1aDxaXFJdyTMhlF4UiwNO/tdQf6EIYJzikSBNKECBjmvrM6bNaIkWA/ >> AzB2dgTS0mug2aVomsBeyN8gAGfV/ >> Wi3bO1kXuI23BmkPUn36OgE5ppQ0O2Gp8VjJaffV9EiYeEY/QlwnshAS7gfDPeTO+ >> u5f0ZP0TZw29m+F3CKIJWPruDJJvXMkyc5qokh5kUpm0GYlhGyDi596st3Gsh/9LF/ >> I2sEJH3LTP0gs0bWjbHN9XcIw8gbPT50zNZvqv9FGvgsMCErYC5lwPVN1670cpOpqLYV4PgU77t751CE9RsmASeB6Elwh0pAKlfxzITBx4W6aVxkl8Utlblw >> == user3 >> >> >> As you can see, the structure includes a key named after the user that I >> want to deploy the keys to (shown above as 'root' and 'other_user'). >> Then, there's a sub key, with a list as it's value called keys (this >> isn't necessarily imperative, it just helped with my thinking of iteration). >> The list is then structured showing the name of the user the key belongs >> to, with a value of the actual public key. >> >> Here's the task I'm attempting to deploy these keys with (this doesn't >> work!). >> Hopefully it conveys my thinking/approach: >> --- >> - name: "Ensure any defined authorized_keys are deployed" >> authorized_key: >> user: "{{ item.key }}" >> manage_dir: yes >> exclusive: yes >> key: | >> {% for users in item.value.keys %} >> {% for _, pubkey in users.items() %} >> {{ pubkey }} >> {% endfor %} >> {% endfor %} >> with_dict: ssh_authorized_keys >> >> I've successfully deployed multiple, exclusive authorized_keys using a >> similar structure and approach, the only lacking functionality being the >> ability to dynamically define the 'user' key, which is the most important >> part! >> >> I'd really appreciate anyone's feedback on this, it's driving me a little >> crazy! >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0095dc5c-4d6b-401f-a863-740b7cf8cd40%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
