[英]Ansible: loop with using collection and role
我這周在 Ansible 中做了第一步,然后我中斷了 include_tasks 以循環提供一個角色。 所需的任務是為一堆域創建 Letsencrypt 證書,感謝 T-Systems-MMS,已經有一個集合可以通過 letsencrypt 和 AutoDNS 的 API 來做到這一點(參見https://github.com/T-Systems- MMS/ansible-collection-acme/blob/master/docs/dns-challenge/autodns.md )。
使用我的設置填充此劇本,它在一個域中運行良好。 我嘗試循環是(希望在匿名化代碼時沒有錯誤):
劇本_getsslcert_main.yml:
---
- hosts: localhost
connection: local
vars:
ansible_python_interpreter: auto
tasks:
- name: Get SSL certificate
include_tasks: playbook_getsslcert_task.yml
loop:
- sub1.domain1.com
- sub2.domain1.com
劇本_getsslcert_task.yml:
---
- name: Doing letsencrypt ACME with AutoDNS
collections:
- t_systems_mms.acme
roles:
- acme
vars:
nbb_emailadress: my.email@example.com
nbb_autodnsuser: login.user@other.com
acme_domain:
certificate_name: "{{ item }}"
zone: "domain1.com"
email_address: "{{ nbb_emailadress }}"
subject_alt_name:
- "{{ item }}"
acme_challenge_provider: autodns
acme_use_live_directory: true
acme_conf_dir: /etc/letsencrypt
acme_account_email: "{{ nbb_emailadress }}"
acme_dns_user: "{{ nbb_autodnsuser }}"
acme_dns_password: "supersecret"
我得到的錯誤是
fatal: [localhost]: FAILED! => {"reason": "conflicting action statements: hosts, roles\n\nThe error appears to be in 'playbook_getsslcert_task.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Doing letsencrypt ACME with AutoDNS\n ^ here\n"}
我和我同事都是經驗豐富的Linux大佬,我們測試了很多; 我們還用 formatcheckers 等檢查了 YAML,做了不同的 styles 循環,嘗試了一個例子 tasks.ym 只是為了寫一條消息,檢查文件格式(換行符,正確的 HEX 值,......)等等。 但是 Ansible 不喜歡這個劇本。
感謝您的所有建議。
編輯:Ubuntu 18.04 LTS,Python 3.6.9,Ansible 2.9.27
感謝@Zeitounator(抱歉忽略了您的第一個鏈接),找到了一個合適且有效的解決方案:
---
- hosts: all
connection: local
vars:
ansible_python_interpreter: auto
tasks:
- name: "Doing letsencrypt ACME with AutoDNS for {{ nbb_domain }}"
collections:
- t_systems_mms.acme
include_role:
name: acme
vars:
nbb_emailadress: my.email@example.com
nbb_autodnsuser: login.user@other.com
acme_domain:
certificate_name: "{{ nbb_domain }}"
zone: "domain1.com"
email_address: "{{ nbb_emailadress }}"
subject_alt_name:
- "{{ nbb_domain }}"
acme_challenge_provider: autodns
acme_use_live_directory: true
acme_conf_dir: /etc/letsencrypt
acme_account_email: "{{ nbb_emailadress }}"
acme_dns_user: "{{ nbb_autodnsuser }}"
acme_dns_password: "supersecret"
loop:
- sub1.domain1.com
- sub2.domain1.com
loop_control:
loop_var: nbb_domain
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.