Selecting a subset from within with_items

[Kai Weber]

I have a task file to create users, add them to sudoers, enable ssh public key
login. A minimal version looks like this

---

vars_file: users.yml

- name: create user
user: name={{ item.name }} comment={{ item.fullname }}
with_items: users

The users.yml file is a list of all users known to my system:

---
users:
- { name: user1, fullname: "User One", sshkey: "..."}
- { name: user2, fullname: "User Two", sshkey: "..."}
- { name: user3, fullname: "User Three", sshkey: "..."}


I have some servers where only a subset of users should be created. I use the
create-user.yml in a playbook via include:

- include: create-user.yml

How can I pass a list of users to be created to the create-user.yml? The list
of users to be created may be defined in group_vars or host_vars. I thought
about something like this but do not know how to test for the condition in
create-user.yml:

- include: create-user.yml create=["user1", "user3"]

[Serge van Ginderachter]

How I solve this is by definig users in several list:

---

​​

users

​_dev​

:

 - { name: user1, fullname: "User One", sshkey: "..."}
 - { name: user2, fullname: "User Two", sshkey: "..."}

   ​

users

​_admin

:​​

 - { name: user3, fullname: "User Three", sshkey: "..."}

Then depending on the task I do

with_flattened:

- users_dev

- users_admin​​

- ..

- include: create-user.yml create=["user1", "user3"]

​You could use indirection and set the list of users in your inventory, based on that users.yaml vars file?​

[Kai Weber]

❦ Serge van Ginderachter <se...@vanginderachter.be>:

> Then depending on the task I do
> with_flattened:
> - users_dev
> - users_admin
> - ..

Where can I read about with_flattened?

But maybe this will not work for me. If I have users who are admins and devs I have to
duplicate their definition?

[Michael DeHaan]

I'm not sure why Serge is showing with_flattened here, when you wanted to iterate across ssh keys per user, rather than walk across two lists.

I've got a ticket open to create a lookup plugin more appropriate to making this easier, when there is a data structure of users.

https://github.com/ansible/ansible/issues/3752

We also have a ticket to make sure all the with_* features have examples in the 1.3 release.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--

Michael DeHaan <mic...@ansibleworks.com>
CTO, AnsibleWorks, Inc.
http://www.ansibleworks.com/

[Kai Weber]

❦ Michael DeHaan <mic...@ansibleworks.com>:

> I've got a ticket open to create a lookup plugin more appropriate to making
> this easier, when there is a data structure of users.

with_subelements sounds like a nice addition.

But what I want is having a list of all users in a vars file and then for
a certain host to only create this and that user.

users:
foo:
name: "Foo Bar"
ssh_key: "ssh-rsa ..."
bar:
name: "Bar Foo"
ssh_key: "ssh-rsa ..."
foobar:
name: "Barbara Foo"
ssh_key: "ssh-rsa ..."

On host alpha

- authorized_key: name={{ item.name }} key={{ item.ssh_key }}
with_items:
- users.foo
- users.bar

On host beta

- authorized_key: name={{ item.name }} key={{ item.ssh_key }}
with_items:
- users.foo
- users.foobar

[benno joy]

Would this help

- hosts: localhost

  vars:

   users:

      - name: benno

        last: joy

        host: abc

      - name: jj

        last: jb

        host: bcd

      - name: benz

        last: joy

        host: abc

  tasks:

   - user: name=item.name

     with_items: users

     when: item.host == inventory_hostname

Instead of host maybe use a group