-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🐞 Bug - ssh_config not working #11
Comments
I'll have a look this evening |
This is weird because it works without problems here. What version of Ansible is being used? Could you post the output of the Ansible run? |
I tried it on a staging setup and I get a different error related to this same step. (Staging environment)(Click to expand code)TASK [ssh-config : Configure ~/.ssh/config] ******************************************************************
task path: /home/user/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml:22
fatal: [10.0.0.999]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ssh_short_name'\n\nThe error appears to have been in '/home/user/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml': line 22, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Configure ~/.ssh/config\n ^ here\n"
}
to retry, use: --limit @/home/user/add-users-groups-authorized_keys-dot-files/site.retry
PLAY RECAP ***************************************************************************************************
10.0.0.999 : ok=18 changed=2 unreachable=0 failed=1
I'm using a different |
(dev environment)
I'm using a your provided Posting output of ansible on slexy. Because Github doesn't like that much output: (comment is too long (maximum is 65536 characters). ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.61 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK
# END ANSIBLE MANAGED BLOCK
Connection to 10.0.0.61 closed.
ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.43 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK
# END ANSIBLE MANAGED BLOCKConnection to 10.0.0.43 closed.
ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.79 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK
# END ANSIBLE MANAGED BLOCKConnection to 10.0.0.79 closed. |
Do you have the following host_var set: I've also noticed something with the way the templating works to generate the ssh_config blocks. I need to look a bit further into that so I can fix that. |
I’ll check in about 15-20hours. I didn’t manually set that. So probably not?
…On Tue, Sep 4, 2018 at 22:13 Vincent Van der Kussen < ***@***.***> wrote:
Do you have the following host_var set: ssh_short_name?
example: 10.106.116.139 ssh_short_name=host2 ansible_user=root
I've also noticed something with the way the templating works to generate
the ssh_config blocks. I need to look a bit further into that so I can fix
that.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#11 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFYisecCTF_wGI8hIVLsLbIchXIYwgmuks5uX12LgaJpZM4WYElc>
.
|
My understanding of what you wrote is that I will have to get the host info from my Ansible controllers Can Ansible get the host name from the host it self on Ubuntu and FreeBSD? |
Depending on what you exactly need, you have some options amongst the gathered_facts (check
|
Some work got in the way to look at this. Will do that in the next few days. |
I merged your changes in f708bc9. It stops the problem I had with errors, but it doesn't seem to add my entries in (Click to expand group_vars/all)---
user_groups:
- name: test
gid: 799
state: absent
users:
- name: ec2-user
state: present
enable_sudo: true
keys:
- file: ec2-user
state: present
- name: ubuntu
state: present
enable_sudo: true
keys:
- file: ubuntu
state: present
bash_lines:
- line: 'export GPG_AGENT_INFO="${HOME}/.gnupg/S.gpg-agent:0:1"'
state: absent
bash_lines:
- line: 'export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent"'
state: present
bash_blocks:
- content: |
# SSH with GPG key on Yubikey
export GPG_TTY="$(tty)"
export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent"
state: absent
- content: |
###
## Filecount in a directory.
alias filecount='find . -maxdepth 1 -type f -print | wc -l'
## Reload shell
alias reload-bash_profile="source ~/.bashrc"
###
###
# Change UP and DOWN arrows to cycle through previous entrys of the current command. Like FreeBSD.
# From http://www.ukuug.org/events/linux2003/papers/bash_tips/
# Incremental searching with Up and Down is configured in .inputrc
bind '"\e[A": history-search-backward'
bind '"\e[B": history-search-forward'
#"\e[5~": history-search-backward
#"\e[6~": history-search-forward
#This allows you to continue using arrows for absolute chronological history then use PageUp and PageDn for history search.
#You could also change it to.
#"\e[5~": history-substring-search-backward
#"\e[6~": history-substring-search-forward
###
state: present
ssh_config:
- line: "ServerAliveInterval: 10"
- line: "StreamLocalBindUnlink: yes" I'm using:
as per PR #12 I've made some minor changes to fix issues a chicken and egg issue with FreeBSD. But nothing that should have broke ssh_config. (Click to expand roles/users/tasks/users.yml)---
- name: Ensure sudo is installed (Debian)
become_method: sudo
apt:
name: sudo
update_cache: yes
cache_valid_time: "{{ apt_cache_valid | default('86400') }}"
when: ansible_os_family == "Debian"
- name: Ensure sudo is installed (FreeBSD)
become_method: su
pkgng:
name: sudo
state: present
when: ansible_os_family == "FreeBSD"
- name: Enable sudo for user (FreeBSD)
become_method: su
lineinfile:
path: "{{ sudoers_path }}/{{ item.name }}"
line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
state: present
create: true
when:
- ansible_os_family == "FreeBSD"
- item.enable_sudo is defined and item.enable_sudo == true
with_items: "{{ users }}"
- name: Enable sudo for user (Ubuntu)
become_method: sudo
lineinfile:
path: "{{ sudoers_path }}/{{ item.name }}"
line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
state: present
create: true
when:
- ansible_os_family == "Debian"
- item.enable_sudo is defined and item.enable_sudo == true
with_items: "{{ users }}"
- name: Add/Remove group
become_method: sudo
group:
name: "{{ item.name }}"
gid: "{{ item.gid | default(omit) }}"
state: "{{ item.state | default('present') }}"
with_items: "{{ user_groups }}"
- name: Add/Remove user
become_method: sudo
user:
name: "{{ item.name }}"
state: "{{ item.state | default('present') }}"
password: "{{ item.password | default(omit) }}"
groups: "{{ item.groups | default(omit) }}"
uid: "{{ item.uid | default(omit) }}"
shell: "{{ item.shell | default(default_shell) }}"
remove: yes
no_log: False
with_items: "{{ users }}"
- name: Configure bashrc lines
become_method: sudo
lineinfile:
path: "/home/{{ item.0.name }}/.bashrc"
line: "{{ item.1.line }}"
state: "{{ item.1.state | default('present') }}"
backup: yes
with_subelements:
- "{{ users }}"
- bash_lines
- skip_missing: true
when: ansible_os_family == 'Debian' and item.0.state == "present"
- name: Configure bashrc blocks
become_method: sudo
blockinfile:
path: "/home/{{ item.0.name }}/.bashrc"
content: "{{ item.1.content }}"
marker: "# {mark} ANSIBLE managed content. Block item #{{ listitem }}"
state: "{{ item.1.state | default('present') }}"
backup: yes
with_subelements:
- "{{ users }}"
- bash_blocks
- skip_missing: true
when: ansible_os_family == 'Debian' and item.0.state == "present"
loop_control:
index_var: listitem
- name: Configure cshrc lines
become_method: su
lineinfile:
path: "/home/{{ item.0.name }}/.cshrc"
line: "{{ item.1.line }}"
state: "{{ item.1.state | default('present')}}"
backup: yes
with_subelements:
- "{{ users }}"
- csh_lines
- skip_missing: true
when: ansible_os_family == 'FreeBSD' and item.0.state == "present"
- name: Configure cshrc blocks
become_method: su
blockinfile:
path: "/home/{{ item.0.name }}/.cshrc"
content: "{{ item.1.content }}"
marker: "# {mark} ANSIBLE managed content. Block item #{{ listitem }}"
state: "{{ item.1.state | default('present')}}"
backup: yes
with_subelements:
- "{{ users }}"
- csh_blocks
- skip_missing: true
when: ansible_os_family == 'FreeBSD' and item.0.state == "present"
loop_control:
index_var: listitem
- name: Disable sudo for user
become: true
file:
path: "{{ sudoers_path }}/{{ item.name }}"
state: absent
when: item.enable_sudo is defined and item.enable_sudo == false
with_items: "{{ users }}"
- name: Include sudoers.d
become: true
lineinfile:
dest: "{{ sudo_config_path }}"
state: present
regexp: '^\#includedir {{ sudoers_path }}'
line: '#includedir {{ sudoers_path }}'
validate: 'visudo -cf %s'
|
Just tested the ssh config playbook and this just works. Are you looking at the ssh config file of the correct user (wild guess)? |
Resolved ✅ |
This example entry below, and any other entry I add in the
ssh_config:
line doesn't seem to insert these config option into my servers.ansible-experiments/add-users-groups-authorized_keys-dot-files/group_vars/all
Lines 37 to 38 in f425969
Also the whole
~/.ssh/config
file is empty.less ~/.ssh/config
On a related note this
ssh-config/defaults/main.yml
file is empty. Is that on purpose?CC: @vincentvdk
x-post: #9
The text was updated successfully, but these errors were encountered: