Struggling with optional arguments to a playbook
43 views
Skip to first unread message
Martin Brooks
May 25, 2017, 11:54:41 AM5/25/17
to Ansible Project
Hello
I have a simple playbook that distributes my SSH key. I tried to make a more generic version of the playbook that would accept arguments via -e so that the same playbook could distribute either a different key or a key for a different user. This is what I have so far:
---
- hosts: all
vars:
username: "{{ username if username is defined else {{ansible_user_id}} }}"
ssh_public_key: "{{ lookup('file', '{{ keyfile }}') if keyfile is defined else lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}"
tasks:
- debug: var=ssh_public_key
- debug: var=username
- name: Make sure the user's ~/.ssh exists.
file:
path: /home/{{ username }}/.ssh
state: directory
owner: "{{ username }}"
group: domain^users
mode: 0750
- name: Distribute my key
become: true
authorized_key:
user: "{{ username }}"
key: "{{ ssh_public_key }}"
manage_dir: yes
This fails when invoked with no arguments (i.e. nothing passed via -e) but I simply do not understand the error message:
TASK [debug] ******************************************************************************************************************************************************************************************************
fatal: [dgsdtstlum01.mcs.local]: FAILED! => {"failed": true, "msg": "{{ lookup('file', '{{ keyfile }}') if keyfile is defined else lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}: {{ username if username is defined else {{ansible_user_id}} }}: template error while templating string: expected token ':', got '}'. String: {{ username if username is defined else {{ansible_user_id}} }}"}
I apologise if this is a simple error, but I've been bashing at it for hours with no success and google isn't being forthcoming. Where exactly is it expecting a ":" and why?
This is ansible version 2.3.0. Thanks for reading.
Regards
Martin.
I have a simple playbook that distributes my SSH key. I tried to make a more generic version of the playbook that would accept arguments via -e so that the same playbook could distribute either a different key or a key for a different user. This is what I have so far:
---
- hosts: all
vars:
username: "{{ username if username is defined else {{ansible_user_id}} }}"
ssh_public_key: "{{ lookup('file', '{{ keyfile }}') if keyfile is defined else lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}"
tasks:
- debug: var=ssh_public_key
- debug: var=username
- name: Make sure the user's ~/.ssh exists.
file:
path: /home/{{ username }}/.ssh
state: directory
owner: "{{ username }}"
group: domain^users
mode: 0750
- name: Distribute my key
become: true
authorized_key:
user: "{{ username }}"
key: "{{ ssh_public_key }}"
manage_dir: yes
This fails when invoked with no arguments (i.e. nothing passed via -e) but I simply do not understand the error message:
TASK [debug] ******************************************************************************************************************************************************************************************************
fatal: [dgsdtstlum01.mcs.local]: FAILED! => {"failed": true, "msg": "{{ lookup('file', '{{ keyfile }}') if keyfile is defined else lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}: {{ username if username is defined else {{ansible_user_id}} }}: template error while templating string: expected token ':', got '}'. String: {{ username if username is defined else {{ansible_user_id}} }}"}
I apologise if this is a simple error, but I've been bashing at it for hours with no success and google isn't being forthcoming. Where exactly is it expecting a ":" and why?
This is ansible version 2.3.0. Thanks for reading.
Regards
Martin.
Brian Coca
May 25, 2017, 12:29:31 PM5/25/17
to Ansible Project
rule #1 of templating: moustaches do not stack!
you cannot have {{ }} inside {{ }}. rewrite as:
username: "{{ username if username is defined else ansible_user_id }}"
or
username: {{ username|default(ansible_user_id) }}
or
vars_prompt:
name: username
default: "{{ansible_user_id}}
^ vars prompt is automatically overridden by -e.
----------
Brian Coca
you cannot have {{ }} inside {{ }}. rewrite as:
username: "{{ username if username is defined else ansible_user_id }}"
username: {{ username|default(ansible_user_id) }}
or
vars_prompt:
name: username
default: "{{ansible_user_id}}
^ vars prompt is automatically overridden by -e.
----------
Brian Coca
Martin Brooks
May 25, 2017, 1:48:29 PM5/25/17
to Ansible Project
Thanks for that. I eventually managed to get it working via this method:
---
- hosts: all
tasks:
- set_fact:
username: "{{ username | default(ansible_user_id) }}"
- set_fact:
keyfile: "{{ keyfile | default('/home/' + username + '/.ssh/id_rsa.pub') }}"
- set_fact:
ssh_public_key: "{{ lookup('file', '{{ keyfile }}') }}"
Interestingly, or not, it fails if I attempt to collapse the three set_fact statements into one stanza:
TASK [set_fact] ***************************************************************************************************************************************************************************************************
fatal: [dgsdtstlum01.local]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'username' is undefined\n\nThe error appears to have been in '/home/mbrooks/ansible-config/books/distribute_ssh_key.yaml': line 5, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n tasks:\n - set_fact:\n ^ here\n"}
Some kind of scope guarding? Moustaches not stacking noted, thankyou.
Mart.
Brian Coca
May 25, 2017, 3:00:34 PM5/25/17
to Ansible Project
you are still stacking:
ssh_public_key: "{{ lookup('file', '{{ keyfile }}') }}"
should be:
ssh_public_key: "{{ lookup('file', keyfile) }}"
----------
Brian Coca
ssh_public_key: "{{ lookup('file', '{{ keyfile }}') }}"
ssh_public_key: "{{ lookup('file', keyfile) }}"
----------
Brian Coca
Reply all
Reply to author
Forward
0 new messages