Re: [ansible-project] Re: call a role with different parameters from the same playbook

[Kai Stian Olstad]

On 23. mars 2017 16:42, Eric Belhomme wrote:
Hello,
Thanks to you suggestion, I re-factored my code and putting the variables
into vars/meddle.yml :

- ssl_certs:
  - mailgate:
      key: '/etc/ssl/private/letsencrypt_meddle.example.com_mailgate.key'
      csr: '/tmp/letsencrypt_meddle.example.com_mailgate.csr'
      crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate.pem'
      fullchain_crt:
'/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate_fullchain.pem'
      email: 'postmas...@example.com'
      subjectAltName:
'DNS:mail.example.com,DNS:smtp.example.com,DNS:imap.example.com'
  - http:
      key: '/etc/ssl/private/letsencrypt_meddle.example.com_http.key'
      csr: '/tmp/letsencrypt_meddle.example.com_http.csr'
      crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_http.pem'
      fullchain_crt:
'/etc/ssl/certs/letsencrypt_meddle.example.com_http_fullchain.pem'
      email: 'webmas...@example.com'
      subjectAltName:
'DNS:example.com,DNS:www.example.com,DNS:webmail.example.com,DNS:photo.example.com'


The playbook looks now like this :

---

- name: test certificate creation
  hosts: meddle
  strategy: debug

  vars_files:
    - "vars/defaults.yml"
    - "vars/meddle.yml"

  roles:
    - { role: sslcert, ssl_cert: ssl_certs.mailgate }
    - { role: sslcert, ssl_cert: ssl_certs.http }

But unfortunately this doesn't work : my variable "ssl_cert" does not
contain what I expect :

What do you expect it to contain?
Since you haven't provided the role code I'll have to guess you are 
using ssl_cert.key, ssl_cert.csr and so on in you role code.
If so you need change the vars file to:

ssl_certs:
  mailgate:
    key: '/etc/ssl/private/letsencrypt_meddle.example.com_mailgate.key'
    csr: '/tmp/letsencrypt_meddle.example.com_mailgate.csr'
    crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate.pem'
    fullchain_crt: 
'/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate_fullchain.pem'
    email: 'postmas...@example.com'
    subjectAltName: 
'DNS:mail.example.com,DNS:smtp.example.com,DNS:imap.example.com'
  http:
    key: '/etc/ssl/private/letsencrypt_meddle.example.com_http.key'
    csr: '/tmp/letsencrypt_meddle.example.com_http.csr'
    crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_http.pem'
    fullchain_crt: 
'/etc/ssl/certs/letsencrypt_meddle.example.com_http_fullchain.pem'
    email: 'webmas...@example.com'
    subjectAltName: 
'DNS:example.com,DNS:www.example.com,DNS:webmail.example.com,DNS:photo.example.com'

And roles to:
  - { role: sslcert, ssl_cert: '{{ ssl_certs.mailgate }}' }
  - { role: sslcert, ssl_cert: '{{ ssl_certs.http }}' }

--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ca24fa6b-00c9-2b12-5b07-924d726acac7%40olstad.com.
For more options, visit https://groups.google.com/d/optout.