authorized_key : How to put default value or bypass it
203 views
Skip to first unread message
Hieronymus
Jan 23, 2020, 3:24:45 AM1/23/20
to Ansible Project
Hi
I'm using the authorized_key module in my ansible user role.
As some user aren't ssh key yet, I would like that by default this key is not created and the task escaped.
I've seen that the key string is required by this module.
Is means that I cannot put a false default value?
Here's my main task:
[...]
- name: "add public keys to users"
authorized_key:
user: '{{ item.name }}'
key: '{{ item.ssh_key }}'
ignore_errors: yes
with_items: '{{ user }}'
[...]Here's the definition yaml file:
[...]
user:
- name: 'bob'
password: "{{ bob_pass }}"
comment: 'Bob McKenzie'
uid: '2000'
group: 'bob'
groups: 'wheel'
shell: '/bin/bash'
state: "{{ 'present' if bob_pass else 'absent' }}"
ssh_key: "{{ bob_key | default(false) }}"
[...]The bob_key is define in an another yaml variable file.
Here's the error:
[WARNING]: The value False (type bool) in a string field was converted to 'False' (type string). If this does not look like what you expect, quote the entire value to ensure it does not change.
failed: [localhost] (item={'name': 'tzdkom', 'password': .....
..... "msg": "invalid key specified: False"}Is the variable ssh_key: "{{ bob_key | default(false) }}" wrong ?
Could you please explain me this?
Has someone an idea to bypass this problem when no ssh_key exist?
Thanks and best regards,
M.
Martin Krizek
Jan 23, 2020, 6:14:07 AM1/23/20
to ansible...@googlegroups.com
Just skip the item when ssh_key is not available (`false` in your example):
- name: "add public keys to users"
authorized_key:
user: '{{ item.name }}'
key: '{{ item.ssh_key }}'
with_items: '{{ user }}'
when: item.ssh_key
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.
- name: "add public keys to users"
authorized_key:
user: '{{ item.name }}'
key: '{{ item.ssh_key }}'
when: item.ssh_key
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.
Hieronymus
Jan 23, 2020, 7:40:13 AM1/23/20
to Ansible Project
That's exactly what I need. I really hadn't seen that.
Thanks a lot
Thanks a lot
Reply all
Reply to author
Forward
0 new messages