🐞 Bug - ssh_config not working #11

Closed
reelsense opened this issue Sep 3, 2018 · 12 comments
@reelsense
Member

This example entry below, and any other entry I add in the ssh_config: line, doesn't seem to insert these config options into my servers.

ssh_config:
- ServerAliveInterval: 10

Also the whole ~/.ssh/config file is empty.

less ~/.ssh/config

# BEGIN ANSIBLE MANAGED BLOCK

# END ANSIBLE MANAGED BLOCK

On a related note, this ssh-config/defaults/main.yml file is empty. Is that on purpose?


CC: @vincentvdk
x-post: #9

@reelsense reelsense added bug Something isn't working help wanted Extra attention is needed labels Sep 3, 2018
@vincentvdk
Contributor

I'll have a look this evening

@vincentvdk
Contributor

This is weird because it works without problems here. What version of Ansible is being used? Could you post the output of the Ansible run?

@reelsense
Member Author

reelsense commented Sep 4, 2018

I tried it on a staging setup and I get a different error related to this same step.

(Staging environment)

TASK [ssh-config : Configure ~/.ssh/config] ******************************************************************
task path: /home/user/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml:22
fatal: [10.0.0.999]: FAILED! => {
    "msg": "The task includes an option with an undefined variable. The error was: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ssh_short_name'\n\nThe error appears to have been in '/home/user/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml': line 22, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Configure ~/.ssh/config\n  ^ here\n"
}
	to retry, use: --limit @/home/user/add-users-groups-authorized_keys-dot-files/site.retry

PLAY RECAP ***************************************************************************************************
10.0.0.999                 : ok=18   changed=2    unreachable=0    failed=1   

ansible 2.6.2

I'm using a different ansible.cfg and dynamic inventory.

@reelsense
Member Author

reelsense commented Sep 4, 2018

> This is weird because it works without problems here. What version of Ansible is being used? Could you post the output of the Ansible run?

(dev environment)

ansible 2.6.3
  config file = /home/ubuntu/git/private-fork/ansible.cfg
  configured module search path = [u'/home/ubuntu/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0]

I'm using your provided ansible.cfg and a similar hosts file.

Posting the output of Ansible on slexy, because GitHub doesn't like that much output: (comment is too long (maximum is 65536 characters)).

ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.61 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK

# END ANSIBLE MANAGED BLOCK
Connection to 10.0.0.61 closed.
ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.43 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK

# END ANSIBLE MANAGED BLOCKConnection to 10.0.0.43 closed.
ubuntu@bastion:~/git/private-fork/internal-ops/add-users-groups-authorized_keys-dot-files$ ssh -t 10.0.0.79 "cat ~/.ssh/config"
# BEGIN ANSIBLE MANAGED BLOCK

# END ANSIBLE MANAGED BLOCKConnection to 10.0.0.79 closed.

@vincentvdk
Contributor

Do you have the following host_var set: ssh_short_name?
example: 10.106.116.139 ssh_short_name=host2 ansible_user=root

I've also noticed something with the way the templating works to generate the ssh_config blocks. I need to look a bit further into that so I can fix that.

@reelsense
Member Author

reelsense commented Sep 5, 2018 via email

@reelsense
Member Author

reelsense commented Sep 5, 2018

"Do you have the following host_var set: ssh_short_name?"

My understanding of what you wrote is that I will have to get the host info from my Ansible controller's hosts file. Is there a way to make this work with a dynamic inventory?

Can Ansible get the host name from the host itself on Ubuntu and FreeBSD?

@srgvg
Contributor

srgvg commented Sep 6, 2018

> Can Ansible get the host name from the host itself on Ubuntu and FreeBSD?

Depending on what you exactly need, you have some options amongst the gathered_facts (check ansible localhost -m setup):

"ansible_fqdn": "minos.ginsys.net", 
"ansible_hostname": "minos", 
"ansible_nodename": "minos", 
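
The fallback suggested above, written out as an added example (not part of the ssh-config role or of anyone's comment in this thread): a play, assumed to run before the role, that leaves an inventory-provided `ssh_short_name` alone, fills it from the gathered `ansible_hostname` fact otherwise, and stops if two hosts end up with the same alias. The play layout and the `all_short_names` variable are assumptions made for illustration.

```yaml
---
# Added example, not the role's own code. Assumes facts can be gathered
# on every host in the play, so that dynamic-inventory hosts without an
# ssh_short_name host_var still get one.
- hosts: all
  gather_facts: true
  tasks:
    - name: Fall back to the gathered short hostname when inventory sets no ssh_short_name
      set_fact:
        ssh_short_name: "{{ ansible_hostname }}"
      when: ssh_short_name is not defined

    # all_short_names is a hypothetical helper variable.
    - name: Collect the alias each host in the play ended up with
      set_fact:
        all_short_names: "{{ ansible_play_hosts | map('extract', hostvars, 'ssh_short_name') | list }}"
      run_once: true

    # Two hosts sharing one alias would make the alias ambiguous, so fail early.
    - name: Refuse to continue if two hosts share an alias
      assert:
        that:
          - all_short_names | unique | length == all_short_names | length
        msg: "Duplicate ssh_short_name values: {{ all_short_names }}"
      run_once: true
```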

@vincentvdk
Contributor

Some work got in the way of looking at this. Will do that in the next few days.

reelsense added a commit that referenced this issue Sep 14, 2018
@reelsense
Member Author

I merged your changes in f708bc9. It stops the problem I had with errors, but it doesn't seem to add my entries in group_vars/all to ~/.ssh/config.

group_vars/all:
---
user_groups:
  - name: test
    gid: 799
    state: absent
    

users:
  - name: ec2-user
    state: present
    enable_sudo: true
    keys:
      - file: ec2-user
        state: present
  - name: ubuntu
    state: present
    enable_sudo: true
    keys: 
      - file: ubuntu
        state: present
    bash_lines:
      - line: 'export GPG_AGENT_INFO="${HOME}/.gnupg/S.gpg-agent:0:1"'
        state: absent
      - line: 'export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent"'
        state: present
    bash_blocks:
      - content: |
          # SSH with GPG key on Yubikey
          export GPG_TTY="$(tty)"
          export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent"
        state: absent
      - content: |
          ###
          ## Filecount in a directory.
          alias filecount='find . -maxdepth 1 -type f -print | wc -l'
          ## Reload shell
          alias reload-bash_profile="source ~/.bashrc"
          ###
          

          ###
          # Change UP and DOWN arrows to cycle through previous entrys of the current command. Like FreeBSD.
          # From http://www.ukuug.org/events/linux2003/papers/bash_tips/
          # Incremental searching with Up and Down is configured in .inputrc
          bind '"\e[A": history-search-backward'
          bind '"\e[B": history-search-forward'
          
          #"\e[5~": history-search-backward
          #"\e[6~": history-search-forward
          #This allows you to continue using arrows for absolute chronological history then use PageUp and PageDn for history search.
          #You could also change it to.
          #"\e[5~": history-substring-search-backward
          #"\e[6~": history-substring-search-forward
          ###
        state: present
    ssh_config:
      - line: "ServerAliveInterval: 10"
      - line: "StreamLocalBindUnlink: yes"

I'm using:

    ssh_config:
      - line: "ServerAliveInterval: 10"
      - line: "StreamLocalBindUnlink: yes"

as per PR #12


I've made some minor changes to fix a chicken-and-egg issue with FreeBSD, but nothing that should have broken ssh_config.

roles/users/tasks/users.yml:

---
- name: Ensure sudo is installed (Debian)
  become_method: sudo
  apt:
    name: sudo
    update_cache: yes
    cache_valid_time: "{{ apt_cache_valid | default('86400') }}"
  when: ansible_os_family == "Debian"

- name: Ensure sudo is installed (FreeBSD)
  become_method: su
  pkgng:
    name: sudo
    state: present
  when: ansible_os_family == "FreeBSD"

- name: Enable sudo for user (FreeBSD)
  become_method: su
  lineinfile:
    path: "{{ sudoers_path }}/{{ item.name }}"
    line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
    state: present
    create: true
  when:
    - ansible_os_family == "FreeBSD" 
    - item.enable_sudo is defined and item.enable_sudo == true
  with_items: "{{ users }}"

- name: Enable sudo for user (Ubuntu)
  become_method: sudo
  lineinfile:
    path: "{{ sudoers_path }}/{{ item.name }}"
    line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
    state: present
    create: true
  when:
    - ansible_os_family == "Debian"
    - item.enable_sudo is defined and item.enable_sudo == true
  with_items: "{{ users }}"

- name: Add/Remove group
  become_method: sudo
  group:
    name: "{{ item.name }}"
    gid: "{{ item.gid | default(omit) }}"
    state: "{{ item.state | default('present') }}"
  with_items: "{{ user_groups }}"


- name: Add/Remove user
  become_method: sudo
  user:
    name: "{{ item.name }}"
    state: "{{ item.state | default('present') }}"
    password: "{{ item.password | default(omit) }}"
    groups: "{{ item.groups | default(omit) }}"
    uid: "{{ item.uid | default(omit) }}"
    shell: "{{ item.shell | default(default_shell) }}"
    remove: yes
  no_log: False
  with_items: "{{ users }}"


- name: Configure bashrc lines
  become_method: sudo
  lineinfile:
    path: "/home/{{ item.0.name }}/.bashrc"
    line: "{{ item.1.line }}"
    state: "{{ item.1.state | default('present') }}"
    backup: yes
  with_subelements:
    - "{{ users }}"
    - bash_lines
    - skip_missing: true
  when: ansible_os_family == 'Debian' and item.0.state == "present"

- name: Configure bashrc blocks
  become_method: sudo
  blockinfile:
    path: "/home/{{ item.0.name }}/.bashrc"
    content: "{{ item.1.content }}"
    marker: "# {mark} ANSIBLE managed content. Block item #{{ listitem }}"
    state: "{{ item.1.state | default('present') }}"
    backup: yes
  with_subelements:
    - "{{ users }}"
    - bash_blocks
    - skip_missing: true
  when: ansible_os_family == 'Debian' and item.0.state == "present"
  loop_control:
    index_var: listitem

- name: Configure cshrc lines
  become_method: su
  lineinfile:
    path: "/home/{{ item.0.name }}/.cshrc"
    line: "{{ item.1.line }}"
    state: "{{ item.1.state | default('present')}}"
    backup: yes
  with_subelements:
    - "{{ users }}"
    - csh_lines
    - skip_missing: true
  when: ansible_os_family == 'FreeBSD' and item.0.state == "present"

- name: Configure cshrc blocks
  become_method: su
  blockinfile:
    path: "/home/{{ item.0.name }}/.cshrc"
    content: "{{ item.1.content }}"
    marker: "# {mark} ANSIBLE managed content. Block item #{{ listitem }}"
    state: "{{ item.1.state | default('present')}}"
    backup: yes
  with_subelements:
    - "{{ users }}"
    - csh_blocks
    - skip_missing: true
  when: ansible_os_family == 'FreeBSD' and item.0.state == "present"
  loop_control:
    index_var: listitem

- name: Disable sudo for user
  become: true
  file:
    path: "{{ sudoers_path }}/{{ item.name }}"
    state: absent
  when: item.enable_sudo is defined and item.enable_sudo == false
  with_items: "{{ users }}"

- name: Include sudoers.d
  become: true
  lineinfile:
    dest: "{{ sudo_config_path }}"
    state: present
    regexp: '^\#includedir {{ sudoers_path }}'
    line: '#includedir {{ sudoers_path }}'
    validate: 'visudo -cf %s'

@vincentvdk
Contributor

Just tested the ssh config playbook and this just works. Are you looking at the ssh config file of the correct user (wild guess)?
I'll have a look at #13 too later on

@reelsense
Member Author

Resolved ✅
