Hi folks,
I have a presumably typical setup - see end for the yaml files.
- a generic role to create users
- a vars file with all the users across my environment
Which works fine if I want all users on every box.
However I need to apply only a subset of these users to various systems
- for example, all boxes should have the ansible user created, but only
webservers should have the additional ops user created.
I couldn't find a way from within the playbook only to require the
ansible user from `vars/users.yml`. So I tried instead splitting the
vars up into 2 separate files in the playbook:
```bootstrap.yml
Maybe something like
when: ‘webservers’ in group_names
Might help.
This is the crux of the issue - I can't put this in the vars file, so
how does one keep the roles and vars info reusable? I should be able to
constrain these only in the final playbook.
Here's the error I got trying to limit to a specific user, ignoring the
inventory class for the moment as it's a trivial when: clause.
{"failed": true, "msg": "The conditional check 'users.item.key ==
\"ansible\"' failed. The error was: error while evaluating conditional
(users.item.key == \"ansible\"): 'dict object' has no attribute 'item'"}
& the playbook:
- name: deploy and configure site
hosts: all
become: yes
gather_facts: yes
vars_files:
- vars/users.yml
roles:
- { role: users, when: users.item.key == "ansible" }
Any other suggestions? Different approaches?
End goal is that on all hosts we have ansible user created, and on Y
hosts, a subset of all hosts, we have additional users set up
A+
Dave