Hi,
in our inventory we use variables of type "list" like
userlist = "['alice', 'bob', 'mallory']"
which - e.g. - we use in loops within tasks to roll out public SSH keys:
- name: Roll out SSH keys for someotheruser
authorized_key:
user: someotheruser
manage_dir: yes
exclusive: no
key: "{{ lookup('file', 'vars/ssh-keys/'+item+'.pub') }}"
with_items: "{{ userlist }}"
This has some unwanted side-effects. Therefore we'd like to construct the full authorized_keys from a template and copy the resulting file:
- name: Roll out SSH keys for someotheruser
template:
src: authorized_keys.j2
dest: /home/someotheruser/.ssh/authorized_keys
owner: someotheruser
group: someothergroup
mode: 0600
force: yes
authorized_keys.j2:
# Managed by ansible, do not modify
{% for user in userlist %}
{{ lookup('file', 'vars/ssh-keys/'+user+'.pub') }}
{% endfor %}
This results in jinja seeing each single character of the variable "userlist" as a key and hence looks for the files "vars/ssh-keys/[.pub", "vars/ssh-keys/'.pub", "vars/ssh-keys/a.pub" ecc. ecc.
Is there a way to tell Jinja, that these variables are in fact lists? Like some kind of typecasting?
I am aware, that "Values [...] are [...] interpreted [...] as a string" (https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html). However we'd like to avoid separate host and group variable files, as they make the setup confusing.
Cheers
frank