I am learning Ansible and as an exercise I thought I would script my laptops. I have a Mac laptop and a Linux laptop and would like to see if I can script both of them using the same Ansible repo. I know this is going to be rather difficult if not impossible, but I am going to give it a try. The first thing I am trying to do is to handle ordinary files I need in various places. For example, I like to keep some binaries and scripts in the ~/bin directory, which is in my path, and of course I also have a bunch of dotfiles. In all of these cases the files are additive, and some I would like symlinked and some I would like to copy. What’s a good strategy to deal with this? So far I am trying this:
Create a top-level folder called files, then files/common and files/host_name, and then subdirectories like files/common/dotfiles, files/common/bin, etc. I then write a bunch of tasks to symlink the dotfiles, copy the bin files, etc.
In some cases the files don’t fit this pattern, in that the same file has to be in completely different folders on both machines. What’s a good way to deal with that?
Also, how do I deal with files with secrets in them? I would like to use the same id_rsa and various keys in the .ssh directory on both machines. I could put the .ssh into the dotfiles task and symlink that, but I will be checking this code into git and don’t want to have these keys possibly be exposed. The same goes for files like .pgpass and such. The reason I like the symlink method is so that I can add a key or a known host on one machine and then push my repo to copy to the other machine when I run Ansible again. If I encrypt the files I can’t use symlinks.
Thanks.