So we have "--private-key-file". Currently that is not settable per
play as a play level option but I'm not against it.
Right now I think everyone uses common keyfiles for everything
addressed in the same playbook run.
Best way to do this is probably to allow it to be set as an inventory
variable, like ansible_private_key_file, BTW.
That would allow it per host. Which may be sufficient, it's not
quite a per play thing, and it can be a per "host+user" thing, but I
think that would work for most people.
Does this mean that inventory variables can be used in any meaningful way to pass key info to plays?
I'm discussing future possibles about a very small patch idea.
They can already be used to pass some things like the connection type,
so it's not a stretch to do this at all.
Please file a github ticket so we don't forget (and you can be
notified once that is there!)
I’d like this capability also - I haven’t seen anything in the docs about being able to do this, or any other traffic on the list that makes it seem like this has been added in (though I might’ve missed it). I didn’t see an issue open for it - so I wasn’t sure if it had been resolved. Should I file a ticket for it?
Thanks,
if you use ssh connector, you can have private keys per host (in .ssh/config).
Actually it’s already doable.
ansible_ssh_private_key_file is a valid inventory variable.