[英]Ansible: loop with using collection and role
我这周在 Ansible 中做了第一步,然后我中断了 include_tasks 以循环提供一个角色。 所需的任务是为一堆域创建 Letsencrypt 证书,感谢 T-Systems-MMS,已经有一个集合可以通过 letsencrypt 和 AutoDNS 的 API 来做到这一点(参见https://github.com/T-Systems- MMS/ansible-collection-acme/blob/master/docs/dns-challenge/autodns.md )。
使用我的设置填充此剧本,它在一个域中运行良好。 我尝试循环是(希望在匿名化代码时没有错误):
剧本_getsslcert_main.yml:
---
- hosts: localhost
connection: local
vars:
ansible_python_interpreter: auto
tasks:
- name: Get SSL certificate
include_tasks: playbook_getsslcert_task.yml
loop:
- sub1.domain1.com
- sub2.domain1.com
剧本_getsslcert_task.yml:
---
- name: Doing letsencrypt ACME with AutoDNS
collections:
- t_systems_mms.acme
roles:
- acme
vars:
nbb_emailadress: my.email@example.com
nbb_autodnsuser: login.user@other.com
acme_domain:
certificate_name: "{{ item }}"
zone: "domain1.com"
email_address: "{{ nbb_emailadress }}"
subject_alt_name:
- "{{ item }}"
acme_challenge_provider: autodns
acme_use_live_directory: true
acme_conf_dir: /etc/letsencrypt
acme_account_email: "{{ nbb_emailadress }}"
acme_dns_user: "{{ nbb_autodnsuser }}"
acme_dns_password: "supersecret"
我得到的错误是
fatal: [localhost]: FAILED! => {"reason": "conflicting action statements: hosts, roles\n\nThe error appears to be in 'playbook_getsslcert_task.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Doing letsencrypt ACME with AutoDNS\n ^ here\n"}
我和我同事都是经验丰富的Linux大佬,我们测试了很多; 我们还用 formatcheckers 等检查了 YAML,做了不同的 styles 循环,尝试了一个例子 tasks.ym 只是为了写一条消息,检查文件格式(换行符,正确的 HEX 值,......)等等。 但是 Ansible 不喜欢这个剧本。
感谢您的所有建议。
编辑:Ubuntu 18.04 LTS,Python 3.6.9,Ansible 2.9.27
感谢@Zeitounator(抱歉忽略了您的第一个链接),找到了一个合适且有效的解决方案:
---
- hosts: all
connection: local
vars:
ansible_python_interpreter: auto
tasks:
- name: "Doing letsencrypt ACME with AutoDNS for {{ nbb_domain }}"
collections:
- t_systems_mms.acme
include_role:
name: acme
vars:
nbb_emailadress: my.email@example.com
nbb_autodnsuser: login.user@other.com
acme_domain:
certificate_name: "{{ nbb_domain }}"
zone: "domain1.com"
email_address: "{{ nbb_emailadress }}"
subject_alt_name:
- "{{ nbb_domain }}"
acme_challenge_provider: autodns
acme_use_live_directory: true
acme_conf_dir: /etc/letsencrypt
acme_account_email: "{{ nbb_emailadress }}"
acme_dns_user: "{{ nbb_autodnsuser }}"
acme_dns_password: "supersecret"
loop:
- sub1.domain1.com
- sub2.domain1.com
loop_control:
loop_var: nbb_domain
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.