Error with playbook, which should create user accounts and set authorized public keys

Hi Guys,

I get an error when I run a playbook, which aims to create new users and set authorized keys for them. The error:

TASK: [create new users] ******************************************************
fatal: [testvm1] => with_items expects a list or a set
fatal: [testvm2] => with_items expects a list or a set

Here’s a part of the playbook (the first task fails):

  • name: create new users
    user: name={{ item.name }} group=wheel append=yes password={{user_password}}
    with_items: “{{users}}”

  • name: set pub keys
    authorized_key: “user={{ item.0.name }} key=‘{{ lookup(‘file’, item.1) }}’”
    with_subelements:

  • users

  • authorized

  • name: set pass expiration
    command: /usr/bin/chage -d 0 {{ item.name }}
    with_items: “{{users}}”

Here’s the var file:

that looks correct, very similar to what i was doing.

can you run with -vvvv and also - debug: var=users ?

Hi Brian,

here’s the info you asked for:

TASK: [debug var=users] *******************************************************
ESTABLISH CONNECTION FOR USER: dimitar
ESTABLISH CONNECTION FOR USER: dimitar
ok: [testvm1] => {
“var”: {
“users”: “users”
}
}
ok: [testvm2] => {
“var”: {
“users”: “users”
}
}

TASK: [create new users] ******************************************************
fatal: [testvm2] => with_items expects a list or a set
fatal: [testvm1] => with_items expects a list or a set

FATAL: all hosts have already failed – aborting

Hope it helps :slight_smile:

Regards,
Dimitar

You loop needs something to iterate over. Since ansible treats variables as strings, you need to make is a list. Try something like below:

cat ./split_users.yml

your debug is indicative that 'users' is undefined, that is why it is
failing (we made the message much clearer in 2.0)

Ok, I managed to fixed with what you and Shawn said, but why the following happens:

When I define this in my playbook:
vars:
include: /etc/ansible/add_users/global_vars/main.yml

And then I have the following in my vars file:

Please ignore the differences in user names and public keys, they’re the same (I used to change the names in this thread only).

vars:
    include: /etc/ansible/add_users/global_vars/main.yml

^ that does not work, you want:

vars_files:
  - /etc/ansible/add_users/global_vars/main.yml

https://docs.ansible.com/playbooks_variables.html#variable-file-separation

include is for plays or tasks, for vars you have vars_files or as a
task include_vars.

Yes, it works like this:
vars_files:

  • /etc/ansible/add_users/global_vars/main.yml

Thanks,
Dimitar