I've been struggling with this some time now. Our production servers
authenticate users against an LDAP. Therefore, in the playbook to setup a
production server, I'd like to first execute the role that configures SSH
to authenticate against the LDAP, disable root login and then proceed with
the next role, web server setup or something like that, as my own user,
'verhage'.
Basically, the structure of the playbook is:
playbook.yml:
---
- hosts: test
become: yes
roles:
- ldap # this role has to run with remote_user root
- webserver # from now on, proceed as non-root
It would be great if remote_user could be used per role, something like:
- ldap { remote_user: root }
Sadly, this is not supported. How should I do a thing like this? I tried
adding 'remote_user: root' to all tasks in the ldap role, but I couldn't
get that to work either.
The only solution I can think of right now is to create separate playbooks,
one for bootstrapping the server with LDAP user authentication, and another
containing everything that might be done as a regular user.
All help is appreciated :)
Rens
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/ca4a1fb3-0b10-45d4-8a4b-6742390a7281%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
