Ansible trying to use root user to ssh instead of host_var user?

Hello,
I'm trying to learn/set up Ansible for my homelab.
Ansible uses the ansible_user var fine for the initial ssh to gather facts, but when starting the update-ubuntu.yml, it tries to use root no matter what I try.
FYI, root is locked so it's impossible to ssh to it. My intended behaviour is for it to log in as my normal user and then sudo to root privileges, not log in as root from the get-go for some reason.
Does someone have any pointers for me on this?

Thank you in advance :)

- Using Ansible 2.12.10
- I would like to add logs but they show usernames and IPs and I would rather not share these. I assume there is no way to have them be anonymized.

Log:

sudo ansible-playbook main-playbook.yml

PLAY [k-server] ********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
ok: [my-server]

PLAY [Update ubuntu] ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
fatal: [my-server]: UNREACHABLE! => changed=false
  msg: 'Failed to connect to the host via ssh: root@my-server: Permission denied (publickey,password).'
  unreachable: true

PLAY RECAP *************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
my-server                   : ok=1    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0

main_playbook.yml

---
- hosts: my-server
- import_playbook: playbooks/update-ubuntu.yml

playbooks/update-ubuntu.yml

---
- hosts: ubuntu
  name: Update ubuntu
  tasks:
    - name: Update all packages
      #become: true
      apt:
        update_cache: yes
        upgrade: 'yes'

hosts

[servers]
my-server
nas

[servers:vars]
ansible_ssh_port=2222

[ubuntu]
my-server

host_vars/my_server

ansible_host: <<my_server_ip>>

#ssh credentials
ansible_user: <<my_username>>
ansible_password: <<EXPUNGED>>

I just noticed it also tries to log in at “my-server” instead of the IP given for my_server with ansible_host in inventory/my_server. So it really seems to not use the host vars for some reason. I tried changing “hosts: ubuntu” to “hosts: my_server” in the update-ubuntu.yml but sadly that didn't change anything.

After moving /host_vars/my_server to /inventory/host_vars/my_server it now works. I don't quite understand why though, because the Ansible best practice page states to place the host_vars at the top level, not inside /inventory.

Could someone explain this to me?

One issue is the file in host_vars needs to have the same name as the host my-server, instead of my_server.

host_vars/group_vars are always looked up relative to the current playbook and inventory. So if the playbooks are at the top level, it would work.

With the given layout (after fixing the filename) the variables in host_vars/my-server would be available in main_playbook.yml, but not available to the playbooks in the playbooks/ directory.

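The lookup rule from the answer above, as an added example that is not part of the original thread and is not Ansible's own code: a simplified model that checks, for each playbook, whether a host_vars file for the host sits next to the inventory or next to that playbook, and lists host_vars files whose name matches no inventory host. The inventory path `inventory/hosts`, the function names and the temporary directory tree are assumptions built for the demonstration; the accepted extensions are Ansible's defaults.

```python
import tempfile
from pathlib import Path

EXTS = ("", ".yml", ".yaml", ".json")  # extensions accepted for host_vars files

def inventory_hosts(inventory):
    """Host names from a simple INI inventory; skips [x:vars] and [x:children]."""
    hosts, in_hosts = set(), True
    for line in inventory.read_text().splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("["):
            in_hosts = ":" not in line
        elif line and in_hosts:
            hosts.add(line.split()[0])
    return hosts

def find_host_vars(host, inventory, playbook):
    """host_vars files for `host` next to the inventory or next to the playbook."""
    bases = dict.fromkeys((inventory.parent, playbook.parent))  # de-duplicated
    return [p for b in bases for e in EXTS if (p := b / "host_vars" / (host + e)).exists()]

def orphans(root, hosts):
    """host_vars entries whose name matches no inventory host (e.g. my_server)."""
    return sorted(p.relative_to(root).as_posix() for p in root.rglob("host_vars/*")
                  if (p.stem if p.suffix in EXTS[1:] else p.name) not in hosts)

def build_layout(root, vars_parent, filename):
    """Constructed copy of the thread's layout; inventory/hosts is an assumed path."""
    for d in ("inventory", "playbooks", f"{vars_parent}/host_vars"):
        (root / d).mkdir(parents=True, exist_ok=True)
    (root / "inventory/hosts").write_text(
        "[servers]\nmy-server\nnas\n\n[servers:vars]\nansible_ssh_port=2222\n\n[ubuntu]\nmy-server\n")
    for pb in ("main_playbook.yml", "playbooks/update-ubuntu.yml"):
        (root / pb).touch()
    (root / vars_parent / "host_vars" / filename).write_text("ansible_user: placeholder\n")

def check(vars_parent, filename, host="my-server"):
    """Which playbooks would see host_vars for `host`, plus orphaned files."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_layout(root, vars_parent, filename)
        inv = root / "inventory/hosts"
        seen = {pb: bool(find_host_vars(host, inv, root / pb))
                for pb in ("main_playbook.yml", "playbooks/update-ubuntu.yml")}
        return seen, orphans(root, inventory_hosts(inv))

if __name__ == "__main__":
    for case in ((".", "my_server"), (".", "my-server"), ("inventory", "my-server")):
        print(case, check(*case))
```

When host_vars is silently skipped, ansible_user and ansible_host fall back to defaults, which is why the failing play connected as root@my-server under sudo.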