New to ansible.
Trying to create a playbook to do the following:
1. Check if a user exists and if not, create it
2. Check if /home/user/.ssh exists and if not, create it
3. Copy ssh keys for the user
Having a problem with part 2
I have a variable file as follows
Ops:
  - User1:
    uname: user1
    passwd: ValidHash
  - User2:
    uname: user2
    passwd: ValidHash
Relevant part of playbook that is giving me trouble…
- name: Attempt to check .ssh folder exists
  action: shell test -d /home/{{item['uname']}}/.ssh && echo "exists" || echo ""
  register: folder_exists
  with_items: Ops
- name: Make .ssh folder for each user
  action: shell mkdir /home/{{item['uname']}}/.ssh
  with_items: Ops
  when: not folder_exists
The “when” check fails even though the folders do not exist. Run with -vv
Ansible modules are pretty much idempotent, so you shouldn’t need to check something and then create it…
What you want to do here is…
- Create a user
- Add the .ssh directory
- copy the .ssh keys
No need to check things (Ansible does that for you).
Adam
The UserX: variable portion wasn’t used so I’ve removed it…
Ops:
  - uname: user1
    passwd: ValidHash
  - uname: user2
    passwd: ValidHash
Then your tasks would be something like this…
- user: name={{ item.uname }} state=present update_password=on_create password={{ item.passwd }} createhome=yes
  with_items: Ops
- file: path=/home/{{ item.uname }}/.ssh state=directory mode=0700 owner={{item.uname}}
  with_items: Ops
I’m not sure what files you would want to copy… You might prefer to use generate_ssh_key in the user task and then copy an authorized key using authorized_key… I’m not entirely sure which fits best with what you want…
Your problem earlier was that register will create folder_exists… And you probably shouldn’t be using shell actions for things that real modules exist for. Shell is not idempotent, but the other modules are. So if they don’t need to do anything they won’t.
Adam
What module should I use for that?
Tried calling mkdir from the shell command, which fails when the folder already exists.
Tried looking at the Files Modules, but did not see a command to make directories.
This is how I was trying to create the folder
action: shell mkdir /home/{{item['uname']}}/.ssh
stderr: mkdir: cannot create directory `/home/user1/.ssh': File exists
Thanks for any additional pointers.
I was writing a reply to your previous post when you sent this…
- file: path=/home/{{ item.uname }}/.ssh state=directory mode=0700 owner={{item.uname}}
  with_items: Ops
That is what I was looking for thanks.
And you probably shouldn’t be using shell actions for things that real modules exist for.
Agree. Still going over the documentation and figuring out what modules exist. Could not find a way to make a folder with a module.
Thanks again.
You might want to look into the command module rather than shell (a bit safer but also a bit more limited) and the creates= argument to it…
But yes, you use the file module to create directories as well as files. It’s worth looking through the whole modules documentation index every now and again to see what is in there, and what has been added.
I hope that this helps,
Adam
The authorized_keys module takes care of all of this if you let it manage the .ssh dir.
I wasn’t sure from the original description whether the intention is to set up the authorized_keys file or to add the user's SSH keys into their home directory… Authorized_keys works for one but not the other.
Adam
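The three steps discussed in this thread (create the user, create the .ssh directory, install a key) as one idempotent playbook. This is an added example, not code posted by anyone in the thread: the key path files/keys/<uname>.pub is an assumed layout, ValidHash stands in for a real crypted password hash, and with_items uses the templated "{{ Ops }}" form that current Ansible releases require instead of the bare name used above.

```yaml
# Added example. Assumes the Ops list from the thread and one public key per
# user stored next to the playbook at files/keys/<uname>.pub (hypothetical path).
- hosts: all
  become: true
  vars:
    Ops:
      - uname: user1
        passwd: ValidHash   # placeholder for a crypted hash, as in the thread
      - uname: user2
        passwd: ValidHash
  tasks:
    - name: Ensure each user exists (password is set only at account creation)
      user:
        name: "{{ item.uname }}"
        state: present
        password: "{{ item.passwd }}"
        update_password: on_create
        createhome: yes
      with_items: "{{ Ops }}"
      no_log: true   # keep password hashes out of task output and logs

    - name: Ensure ~/.ssh exists, owned by the user and closed to everyone else
      file:
        path: "/home/{{ item.uname }}/.ssh"
        state: directory
        owner: "{{ item.uname }}"
        mode: "0700"   # quoted so YAML does not read it as a decimal number
      with_items: "{{ Ops }}"

    - name: Install the user's public key into authorized_keys
      authorized_key:
        user: "{{ item.uname }}"
        key: "{{ lookup('file', 'files/keys/' + item.uname + '.pub') }}"
        state: present
      with_items: "{{ Ops }}"
```

No task tests for existence first: each module compares the current state with the requested one, so a second run should report every task as ok with nothing changed.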