> Any suggestions?
Questions more than suggestions, but you can take them as such anyway.
1) How many users are we talking about? If the user data is smaller than
the code it takes to manipulate it, maybe it'd be better to make the data
more complex and the code simpler.
2) Are these files the canonical source of truth, or are they downstream?
If downstream, perhaps it would be better to pull the data from upstream as
needed. If these files are canonical truth, then either restructure them in
a way that supports cleaner access, or consider creating an upstream data
source. The latter would only make sense if the answer to #1 was large
enough to justify it.
If it were me, and assuming a fairly small number of users and/or
relatively static data (i.e. I'm going to maintain this by hand for the
foreseeable future), I'd put all these user data into defaults/main.yml of
a custom "my_users" role, probably in a single dict keyed by ID, or maybe a
list. Make everything that might have multiple values for any user a list -
ssh keys for example - so even if a user has only one (or none) you access
that data the same way for everybody.
The fact that the expressions you're having to use to access the data
currently are unwieldy indicates the initial data structures are a problem.
Having user data split into multiple files may seem like a simplification,
but I think it's just the opposite.
Good luck!
On Saturday, April 16, 2022 at 6:13:42 AM UTC-4 richard wrote:
> Hi all,
>
> I have created a directory 'users' alongside my inventory. It has a
> directory 'user_vars', intended to be used like host_vars, but for
> users, obviously.
>
> In there, I have files like this:
>
> =====================
> ---
> name: richard
> gecos: 'Richard Hector,,,'
> shell: '/bin/bash'
> ssh_keys:
> - richard@foo
> - richard@bar
> =====================
>
> Then in host_vars/all, I have this kind of thing:
>
> =====================
> ---
> users:
> - richard
> admins:
> - richard
> ansible_users:
> - richard
> =====================
>
> I also have users/public_keys, which has a file for each of
> 'richard@foo' etc, containing one key.
>
> Where I'm stuck is reading in the user_vars file(s).
>
> I want to get rid of what I used to have:
>
> =====================
> - name: users
> user:
> name: '{{ item.name }}'
> comment: '{{ item.gecos }}'
> shell: '{{ item.shell }}'
> createhome: yes
> state: present
> groups: '{{ item.groups }}'
> append: yes
> with_items:
> - { name: 'richard', gecos: 'Richard Hector,,,', shell:
> '/bin/bash', groups: [ 'sudo', 'adm' ] }
> tags:
> - users
> ======================
>
> since I want to separate data from the rest of my config.
>
> So I'd like to either read all the user_vars files into a single
> dictionary before I run that loop, or read each file in its own
> iteration of the loop - or something better if that's the answer.
>
> I thought about using set_fact in a loop, but that would give me
> separate facts/variables for each user, making it harder(?) to index
> them (but maybe by text templating the variable name?)
>
> I also thought about doing a lookup in every line of the user loop
> above, but that seems wasteful, and I'm not sure how I'd do it anyway.
>
> Any suggestions?
>
> Thanks,
> Richard
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/9a60fee0-de27-45a5-8c2c-df260279f07en%40googlegroups.com.
